CVE-2020-28200 Information
Jun 07, 2022
cve
Description
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption as demonstrated by a situation with a complex regular expression for the regex extension.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Reference
https://dovecot.org/security https://www.openwall.com/lists/oss-security/2021/06/28/3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TK424DWFO2TKJYXZ2H3XL633TYJL4GQN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JB2VTJ3G2ILYWH5Y2FTY2PUHT2MD6VMI/
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
LOW
Base Severity
4.3
Share on: