CVE-2020-12100

Updated: 2023-11-07 20:17:00.04737

Description:

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS dovecot 2.0.9 7.5 HIGH Released CLSA-2021:1634573745 2022-05-05 12:02:05
CloudLinux 6 ELS dovecot 2.0.9 7.5 HIGH Released 2021-12-09 07:57:03
Oracle Linux 6 ELS dovecot 2.0.9 7.5 HIGH Released CLSA-2021:1634922570 2021-12-09 07:57:03