CVE-2020-10957
18.05.2020, 14:15
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dovecot | dovecot | 𝑥 < 2.3.10.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| dovecot23 |
| ||||||||||||||||||||||
| dovecot23-backend-mysql |
| ||||||||||||||||||||||
| dovecot23-backend-pgsql |
| ||||||||||||||||||||||
| dovecot23-backend-sqlite |
| ||||||||||||||||||||||
| dovecot23-devel |
| ||||||||||||||||||||||
| dovecot23-fts |
| ||||||||||||||||||||||
| dovecot23-fts-lucene |
| ||||||||||||||||||||||
| dovecot23-fts-solr |
| ||||||||||||||||||||||
| dovecot23-fts-squat |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| dovecot |
| ||||||||||
| dovecot-devel |
| ||||||||||
| dovecot-mysql |
| ||||||||||
| dovecot-pgsql |
| ||||||||||
| dovecot-pigeonhole |
|
Common Weakness Enumeration
References