Lucene search
GoogleOSV:CVE-2020-24386HistoryJan 04, 2021 - 5:15 p.m.
CVE-2020-24386
2021-01-0417:15:13
Google
osv.dev
4
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users’ email messages (and path disclosure).
References
packetstormsecurity.com/files/160842/Dovecot-2.3.11.3-Access-Bypass.html
seclists.org/fulldisclosure/2021/Jan/18
www.openwall.com/lists/oss-security/2021/01/04/4
doc.dovecot.org/configuration_manual/hibernation/
dovecot.org/pipermail/dovecot-news/2021-January/000450.html
dovecot.org/security
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXDKFLOCUP7I4ELGQ2F4P5TGC6NXMYV7/
security.gentoo.org/glsa/202101-01
www.debian.org/security/2021/dsa-4825
Related
redhatcve
redhatcve
CVE-2020-24386
2021-01-04 15:00:12
alpinelinux
alpinelinux
CVE-2020-24386
2021-01-04 17:15:13
debiancve
debiancve
CVE-2020-24386
2021-01-04 17:15:13
openvas
openvas
Dovecot 2.2.26 - 2.3.11.3 Information Disclosure Vulnerability
2021-01-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0018-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-4674-1)
2021-01-11 00:00:00
nvd
nvd
CVE-2020-24386
2021-01-04 17:15:13
cvelist
cvelist
CVE-2020-24386
2021-01-04 16:25:43
nessus
nessus
SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2021:0018-1)
2021-01-05 00:00:00
GLSA-202101-01 : Dovecot: Multiple vulnerabilities
2021-01-11 00:00:00
RHEL 8 : dovecot (RHSA-2021:1887)
2021-05-19 00:00:00
prion
prion
Path traversal
2021-01-04 17:15:00
cve
cve
CVE-2020-24386
2021-01-04 17:15:13
ubuntucve
ubuntucve
CVE-2020-24386
2021-01-04 00:00:00
veracode
veracode
Information Disclosure
2021-01-15 16:21:17
osv
osv
Moderate: dovecot security and bug fix update
2021-05-18 06:19:41
dovecot vulnerabilities
2021-01-04 14:04:39
dovecot - security update
2021-01-04 00:00:00
ubuntu
ubuntu
Dovecot vulnerabilities
2021-01-04 00:00:00
oraclelinux
oraclelinux
dovecot security and bug fix update
2021-05-25 00:00:00
debian
debian
[SECURITY] [DLA 2517-1] dovecot security update
2021-01-05 16:41:18
[SECURITY] [DSA 4825-1] dovecot security update
2021-01-04 15:23:59
[SECURITY] [DSA 4825-1] dovecot security update
2021-01-04 15:23:59
gentoo
gentoo
Dovecot: Multiple vulnerabilities
2021-01-10 00:00:00
redhat
redhat
(RHSA-2021:1887) Moderate: dovecot security and bug fix update
2021-05-18 06:19:41
almalinux
almalinux
Moderate: dovecot security and bug fix update
2021-05-18 06:19:41
fedora
fedora
[SECURITY] Fedora 32 Update: dovecot-2.3.13-2.fc32
2021-01-20 01:27:57
altlinux
altlinux
Security fix for the ALT Linux 9 package dovecot version 2.3.13-alt1
2021-01-18 00:00:00
mageia
mageia
Updated dovecot packages fix security vulnerabilities
2021-01-08 16:59:29
freebsd
freebsd
mail/dovecot -- multiple vulnerabilities
2020-08-17 00:00:00
suse
suse
Security update for dovecot23 (important)
2021-01-16 00:00:00
Security update for dovecot23 (important)
2021-01-07 00:00:00
Security update for dovecot23 (moderate)
2021-09-01 00:00:00
archlinux
archlinux
[ASA-202101-4] dovecot: multiple issues
2021-01-04 00:00:00