First published: Thu Nov 03 2022(Updated: )
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Alpine Project Alpine | <2.25 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Alpine vulnerability is CVE-2021-46853.
The severity of CVE-2021-46853 is medium with a CVSS score of 5.9.
CVE-2021-46853 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
Alpine version up to and excluding 2.25 is affected by CVE-2021-46853.
To fix CVE-2021-46853 in Alpine, it is recommended to update to version 2.25 or later.