INFCSA-2024:9195: cyrus-imapd security update
Information about definition
Identificator: INFCSA-2024:9195
Type: security
Release date: 2025-09-24 19:22:24 UTC
Information about package
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support.
Vulnerabilities description
- CVE-2024-34055
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-34055
|
no information | 6.5 | no information |
Updated packages
Preparing to download...