VDB
CVE-2020-7957
CVE-2020-7957
PUBLISHED
Es existiert eine Schwachstelle in Dovecot. Unter bestimmten Bedingungen behandeln die IMAP- und LMTP-Komponenten in Dovecot die Snippet-Generierung falsch. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.
EPSS 0.51% · 66.6th percentile
Risk Scores
EPSS Score
0.51%
66.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE openSUSE | |
| Open Source | Open Source Dovecot <2.3.9.3 |
Exploit Intelligence
Timeline
- Feb 12, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2025-0237.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0237 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-7957 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-7046 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KZSDCZ5LA6IHY7KXVSL6ULAJVP6OFT2M/ advisory