Astra Linux – Vulnerability in dovecot

The submission service in Dovecot before 2.3.15 allowed for STARTTLS command injection in the lib-smtp library. Sensitive information could be redirected to an address controlled by the attacker...

Moderate: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

AZL-7196 CVE-2021-33515 affecting package dovecot for versions less than 2.3.20-1

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address...

UBUNTU-CVE-2021-33515

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address...

PT-2021-3385 · Dovecot +9 · Dovecot +9

Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 2.3.15 Description: The issue is related to the submission service in Dovecot, which allows STARTTLS command injection in lib-smtp. This can lead to sensitive information being redirected to an attacker-controlled...

Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : apache2 vulnerability (USN-990-2)

USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue. After updating openssl, an Apache server will allow...