Max CVSS | 7.2 | Min CVSS | 4.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-11499 | 5.0 |
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message.
|
01-03-2023 - 15:20 | 08-05-2019 - 17:29 | |
CVE-2019-11494 | 5.0 |
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command.
|
01-03-2023 - 15:15 | 08-05-2019 - 18:29 | |
CVE-2019-3814 | 4.9 |
It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
|
14-06-2019 - 03:29 | 27-03-2019 - 13:29 | |
CVE-2019-7524 | 7.2 |
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.
|
14-06-2019 - 03:29 | 28-03-2019 - 14:29 |