Все бюллетени/c9f2/ALT-PU-2024-15885-4
ALT-PU-2024-15885-4

Обновление пакета isync в ветке c9f2

Версия1.4.4-alt1
Задание#362990
Опубликовано2026-03-07
Макс. серьёзностьCRITICAL
Серьёзность:

Закрытые проблемы (1)

CVE-2021-3657
CRITICAL9.8

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.

Опубликовано: 2022-02-18Изменено: 2024-11-21
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки