VDB

GCVE-110-MAGEIA-2021-78

GCVE-110-MAGEIA-2021-78
Advisory Published
Vulnetix · Advisory published February 10, 2021
Messages with too many tiny nested MIME parts can lead to memory exhaustion on split(), resulting in denial of service (rhbz#1835353) This update limits the number of nested MIME parts to 10 (by default), to avoid a possible memory exhaustion issue with lots of tiny MIME parts.

Affected Products

VendorProductVersionsPlatforms
Mageiaroundcubemail0 (affected), 1.5-0.beta.2.mga8 (unaffected)
Mageiaperl-Email-MIME0 (affected), 1.949.0-3.1.mga7 (unaffected), 0 (affected), 1.949.0-3.1.mga7 (unaffected)
Mageiaperl-Email-MIME-ContentType0 (affected), 1.24.0-3.1.mga7 (unaffected), 0 (affected), 1.24.0-3.1.mga7 (unaffected)

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›