CNNVD-202509-1504 Information
CNNVD ID
CNNVD-202509-1504
Related CVE
- CNNVD Published: 2025-09-10
Description (Chinese)
stalwart是Stalwart Labs开源的一个多功能邮件和协作服务器。 stalwart 0.12.0至0.13.3之前版本存在安全漏洞,该漏洞源于CalDAV实现中存在内存耗尽问题,可能导致拒绝服务攻击。
Description (English)
Starwart is a multi-purpose mail and collaborative server from the Starwart Labs open source. There was a security loophole in the pre-versions of stalwart 0.12.0 to 0.13.3, which stemmed from the RAM depletion of CalDAV, which could lead to a denial of service attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Stalwart Labs
Published
2025-09-10
Last Modified
2026-02-24
References
https://github.com/stalwartlabs/stalwart/blob/main/CHANGELOG.md https://github.com/stalwartlabs/stalwart/commit/15762fba2ba335e560b8d25f71af085a8b6b6cf2 https://github.com/stalwartlabs/stalwart/releases/tag/v0.13.3 https://github.com/stalwartlabs/stalwart/security/advisories/GHSA-xv4r-q6gr-6pfg https://tools.ietf.org/html/rfc4791
Patch
https://github.com/stalwartlabs/stalwart/releases
Share on: