isync Project isync 1.4.2

CPE Details

isync Project isync 1.4.2
isync_project
isync
1.4.2
2021-11-26
14h44 +00:00
2021-11-30
20h29 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:isync_project:isync:1.4.2:*:*:*:*:*:*:*

Informations

Vendor

isync_project

Product

isync

Version

1.4.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-3657 2022-02-18 16h50 +00:00 A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.
9.8
Critique
CVE-2021-44143 2021-11-22 18h29 +00:00 A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be exploited for remote code execution.
9.8
Critique