vulnerability

Red Hat: CVE-2020-25275: CVE-2020-25275 dovecot: Denial of service via mail MIME parsing (Multiple Advisories)

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jan 4, 2021
Added
May 21, 2021
Modified
Jul 9, 2025

Description

Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts.

Solution(s)

no-fix-redhat-rpm-packageredhat-upgrade-dovecotredhat-upgrade-dovecot-debuginforedhat-upgrade-dovecot-debugsourceredhat-upgrade-dovecot-develredhat-upgrade-dovecot-mysqlredhat-upgrade-dovecot-mysql-debuginforedhat-upgrade-dovecot-pgsqlredhat-upgrade-dovecot-pgsql-debuginforedhat-upgrade-dovecot-pigeonholeredhat-upgrade-dovecot-pigeonhole-debuginfo
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.