← Back

Cyrus Imap

cyrus_imap

Vendor: Cyrusimap • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-34055
1Cyrusimap
1Cyrus Imap
Dec 6, 2024
Jun 5, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.
CVE-2017-12843
2Cyrusimap
Fedoraproject
2Cyrus Imap
Fedora
May 13, 2026
Aug 22, 2017
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.