Cyrusimap: >> Cyrus Imap >> 1.6.10 Security Vulnerabilities
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.
CVSS Score
6.5
EPSS Score
0.008
Published
2024-06-05
Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-08-22