On 8/07/22 7:16 pm, Aki Tuomi wrote:
Not all CVEs are "that serious". CVE scores are problematic, you can have a
solid 10.0 CVE score that affects practically no one, and you can have a 3.8 CVE that
affects ~everyone using the software.
This particular bug requires a quite specific setup, and
What? No user serviceable parts inside your car? It's a federal felony to raise
the hood for any reason. You've got to see an authorized dealer or a
professional mechanic for every little thing on a used car because cars are
closed source proprietary and it's illegal to circumvent anything etc.
> On 07/07/2022 23:59 EEST Noel Butler wrote:
>
>
> On 07/07/2022 07:24, Aki Tuomi wrote:
> >
> >
> > > On 06/07/2022 16:54 EEST Aki Tuomi via Dovecot-news
> > > wrote:
> > >
> > >
> > > Affected product: Dovecot IMAP Server
> > > Internal reference: DOV-5320
> > > Vulnerability type:
On 07/07/2022 07:24, Aki Tuomi wrote:
On 06/07/2022 16:54 EEST Aki Tuomi via Dovecot-news
wrote:
Affected product: Dovecot IMAP Server
Internal reference: DOV-5320
Vulnerability type: Improper Access Control (CWE-284)
Vulnerable version: 2.2
Vulnerable component: submission
Report
> On 06/07/2022 16:54 EEST Aki Tuomi via Dovecot-news
> wrote:
>
>
> Affected product: Dovecot IMAP Server
> Internal reference: DOV-5320
> Vulnerability type: Improper Access Control (CWE-284)
> Vulnerable version: 2.2
> Vulnerable component: submission
> Report confidence: Confirmed
>
Affected product: Dovecot IMAP Server
Internal reference: DOV-5320
Vulnerability type: Improper Access Control (CWE-284)
Vulnerable version: 2.2
Vulnerable component: submission
Report confidence: Confirmed
Solution status: Fixed in main
Researcher credits: Julian Brook (julezman)
Vendor