Imap Security Vulnerabilities and Issues — Imap CVE List

Lucene search

CyrusImap

3 matches found

CVE•added 2019/11/15 4:15 a.m.•216 views

CVE-2019-18928

Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.

9.8CVSS9.6AI score0.005EPSS

CVE•added 2019/06/03 8:29 p.m.•158 views

CVE-2019-11356

The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.

9.8CVSS9.4AI score0.25844EPSS

CVE•added 2019/12/16 2:15 p.m.•90 views

CVE-2019-19783

An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to c...

6.5CVSS6.3AI score0.01032EPSS