0.005 Low
EPSS
Percentile
76.6%
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop.
bugzilla.redhat.com/show_bug.cgi?id=1800491
dovecot.org/pipermail/dovecot-news/2020-February/000431.html
nvd.nist.gov/vuln/detail/CVE-2020-7046
www.cve.org/CVERecord?id=CVE-2020-7046