Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-34055HistoryJun 05, 2024 - 5:15 a.m.
CVE-2024-34055
2024-06-0505:15:49
Debian Security Bug Tracker
security-tracker.debian.org
4
cyrus imap
authentication
vulnerability
unix
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
18.8%
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cyrus-imapd | < 3.6.1-4+deb12u2 | cyrus-imapd_3.6.1-4+deb12u2_all.deb |
| Debian | 11 | all | cyrus-imapd | <= 3.2.6-2+deb11u2 | cyrus-imapd_3.2.6-2+deb11u2_all.deb |
| Debian | 999 | all | cyrus-imapd | < 3.8.3-1 | cyrus-imapd_3.8.3-1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 40 Update: cyrus-imapd-3.8.3-1.fc40
2024-06-14 01:45:55
[SECURITY] Fedora 39 Update: cyrus-imapd-3.8.3-1.fc39
2024-06-14 04:43:26
osv
osv
CVE-2024-34055
2024-06-05 05:15:49
cyrus-imapd - security update
2024-06-11 00:00:00
debian
debian
[SECURITY] [DSA 5708-1] cyrus-imapd security update
2024-06-11 18:24:35
openvas
openvas
Fedora: Security Advisory for cyrus-imapd (FEDORA-2024-f3e0255c75)
2024-06-15 00:00:00
Fedora: Security Advisory for cyrus-imapd (FEDORA-2024-123f2b3666)
2024-06-15 00:00:00
Debian: Security Advisory (DSA-5708-1)
2024-07-01 00:00:00
cve
cve
CVE-2024-34055
2024-06-05 05:15:49
nessus
nessus
Fedora 39 : cyrus-imapd (2024-123f2b3666)
2024-06-14 00:00:00
Fedora 40 : cyrus-imapd (2024-f3e0255c75)
2024-06-14 00:00:00
freebsd
freebsd
cyrus-imapd -- unbounded memory allocation
2024-04-30 00:00:00
redhatcve
redhatcve
CVE-2024-34055
2024-06-05 07:00:54
cvelist
cvelist
CVE-2024-34055
2024-06-05 00:00:00
nvd
nvd
CVE-2024-34055
2024-06-05 05:15:49
vulnrichment
vulnrichment
CVE-2024-34055
2024-06-05 00:00:00
ubuntucve
ubuntucve
CVE-2024-34055
2024-06-05 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
18.8%
Related for DEBIANCVE:CVE-2024-34055