isync Project isync 1.3.3

CPE Details

isync Project isync 1.3.3
isync_project
isync
1.3.3
2021-11-26
14h44 +00:00
2021-11-30
20h29 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:isync_project:isync:1.3.3:*:*:*:*:*:*:*

Informations

Vendor

isync_project

Product

isync

Version

1.3.3

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-3657 2022-02-18 16h50 +00:00 A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.
9.8
Critique
CVE-2021-3578 2022-02-16 17h35 +00:00 A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.
7.8
Haute