CVE-2015-8076

The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html
http://www.openwall.com/lists/oss-security/2015/09/29/2
http://www.openwall.com/lists/oss-security/2015/09/30/3
http://www.openwall.com/lists/oss-security/2015/11/04/3
https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921
https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b	Vendor Advisory
https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html
https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html	Vendor Advisory
https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html
http://www.openwall.com/lists/oss-security/2015/09/29/2
http://www.openwall.com/lists/oss-security/2015/09/30/3
http://www.openwall.com/lists/oss-security/2015/11/04/3
https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921
https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b	Vendor Advisory
https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html
https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html	Vendor Advisory
https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:opensuse:leap:42.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:cyrus:imap:2.3.0:::::::*
	cpe:2.3:a:cyrus:imap:2.3.1:::::::*
	cpe:2.3:a:cyrus:imap:2.3.2:::::::*
	cpe:2.3:a:cyrus:imap:2.3.3:::::::*
	cpe:2.3:a:cyrus:imap:2.3.4:::::::*
	cpe:2.3:a:cyrus:imap:2.3.5:::::::*
	cpe:2.3:a:cyrus:imap:2.3.6:::::::*
	cpe:2.3:a:cyrus:imap:2.3.7:::::::*
	cpe:2.3:a:cyrus:imap:2.3.8:::::::*
	cpe:2.3:a:cyrus:imap:2.3.9:::::::*
	cpe:2.3:a:cyrus:imap:2.3.10:::::::*
	cpe:2.3:a:cyrus:imap:2.3.11:::::::*
	cpe:2.3:a:cyrus:imap:2.3.12:::::::*
	cpe:2.3:a:cyrus:imap:2.3.13:::::::*
	cpe:2.3:a:cyrus:imap:2.3.14:::::::*
	cpe:2.3:a:cyrus:imap:2.3.15:::::::*
	cpe:2.3:a:cyrus:imap:2.3.16:::::::*
	cpe:2.3:a:cyrus:imap:2.3.17:::::::*
	cpe:2.3:a:cyrus:imap:2.3.18:::::::*
	cpe:2.3:a:cyrus:imap:2.4.0:::::::*
	cpe:2.3:a:cyrus:imap:2.4.1:::::::*
	cpe:2.3:a:cyrus:imap:2.4.2:::::::*
	cpe:2.3:a:cyrus:imap:2.4.3:::::::*
	cpe:2.3:a:cyrus:imap:2.4.4:::::::*
	cpe:2.3:a:cyrus:imap:2.4.5:::::::*
	cpe:2.3:a:cyrus:imap:2.4.6:::::::*
	cpe:2.3:a:cyrus:imap:2.4.7:::::::*
	cpe:2.3:a:cyrus:imap:2.4.8:::::::*
	cpe:2.3:a:cyrus:imap:2.4.9:::::::*
	cpe:2.3:a:cyrus:imap:2.4.10:::::::*
	cpe:2.3:a:cyrus:imap:2.4.11:::::::*
	cpe:2.3:a:cyrus:imap:2.4.12:::::::*
	cpe:2.3:a:cyrus:imap:2.4.13:::::::*
	cpe:2.3:a:cyrus:imap:2.4.14:::::::*
	cpe:2.3:a:cyrus:imap:2.4.15:::::::*
	cpe:2.3:a:cyrus:imap:2.4.16:::::::*
	cpe:2.3:a:cyrus:imap:2.4.17:::::::*
	cpe:2.3:a:cyrus:imap:2.5.0:::::::*
	cpe:2.3:a:cyrus:imap:2.5.1:::::::*
	cpe:2.3:a:cyrus:imap:2.5.2:::::::*
	cpe:2.3:a:cyrus:imap:2.5.3:::::::*

History

21 Nov 2024, 02:37

Type	Values Removed	Values Added
References	~~() http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html -
References	~~() http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html -
References	~~() http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html -~~	() http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html -
References	~~() http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html -~~	() http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html -
References	~~() http://www.openwall.com/lists/oss-security/2015/09/29/2 -~~	() http://www.openwall.com/lists/oss-security/2015/09/29/2 -
References	~~() http://www.openwall.com/lists/oss-security/2015/09/30/3 -~~	() http://www.openwall.com/lists/oss-security/2015/09/30/3 -
References	~~() http://www.openwall.com/lists/oss-security/2015/11/04/3 -~~	() http://www.openwall.com/lists/oss-security/2015/11/04/3 -
References	~~() https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921 -~~	() https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921 -
References	~~() https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b - Vendor Advisory~~	() https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b - Vendor Advisory
References	~~() https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html -~~	() https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html -
References	~~() https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html - Vendor Advisory~~	() https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html - Vendor Advisory
References	~~() https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html - Vendor Advisory~~	() https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html - Vendor Advisory

Information

Published : 2015-12-03 20:59

Updated : 2025-04-12 10:46

NVD link : CVE-2015-8076

Mitre link : CVE-2015-8076

CVE.ORG link : CVE-2015-8076

JSON object : View

Products Affected

opensuse

leap
opensuse

cyrus

imap

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2015-8076", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-12-03T20:59:07.533", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2015/09/29/2", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2015/09/30/3", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2015/11/04/3", "source": "secalert@redhat.com"}, {"url": "https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921", "source": "secalert@redhat.com"}, {"url": "https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html", "source": "secalert@redhat.com"}, {"url": "https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00037.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00038.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2015/09/29/2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2015/09/30/3", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2015/11/04/3", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.cyrus.foundation/imap/release-notes/2.3/x/2.3.19.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.cyrus.foundation/imap/release-notes/2.4/x/2.4.18.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.4.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read."}, {"lang": "es", "value": "La funci\u00f3n index_urlfetch en index.c en Cyrus IMAP 2.3.x en versiones anteriores a 2.3.19, 2.4.x en versiones anteriores a 2.4.18, 2.5.x en versiones anteriores a 2.5.4 permite a atacantes remotos obtener informaci\u00f3n sensible o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores relacionados con el intervalo urlfetch, lo que desencadena una lectura de memoria din\u00e1mica fuera de rango."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cyrus:imap:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB8010D9-3E9A-4E02-B623-14A7E7D6E36B"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B29B6023-B43F-4E86-B1B9-43030A4318B3"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2488FA8D-4A00-4552-9D53-719C48A3C852"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E5DD1C0-94DA-4B0F-8F12-27EA6A778AB1"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF750E40-8AE9-4E2C-8AB9-5F3516D8A59B"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D182B614-963F-4795-9F19-BBA539E873DD"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98F3F484-F9BC-44F8-9198-A5B256008F5F"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C31176E-CA98-4D05-AD24-E4B804466044"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15439E12-10BF-4639-B1CE-A9576C912DB5"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4227C194-65EC-492D-B103-81DE69F2F3DA"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EA01D24-FD48-4155-8414-6AC6C077089E"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA294EE1-3F4E-4AED-97E0-117C6E4801DA"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F7FB3C0-4389-41E5-B7D4-CF1E11F8E60C"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23870D8F-A9B3-4F93-9101-EE4ECD7B9927"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F9406E6-0CA1-44BE-9B0D-FC5ACDB777B0"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E86DB81E-0DFF-4CA6-8643-EB8E7B096EE6"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC81D721-C4C7-4E79-8EA7-48E54A30A3AC"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E15275B-7106-49C0-BF61-EEEE183F65AA"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.3.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CBEAC0D-1793-45C7-9A39-CC7F9F4EE4DA"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA4ABA24-DD0E-478E-A503-BBD0522A4130"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80119A9A-D728-4646-A5DE-610D82FD7A56"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "926C716E-4D2D-4457-B8CC-CB0DF43AF6FD"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25BF767D-AF1A-4FFF-AFB1-8DF62257FAEB"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5BEFE14-B04A-46AC-A086-39A6611A68D5"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "022D8959-B923-4577-A539-7EB5A7C9F71D"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68E7D10E-B6CC-4131-8D6C-4C461B1A1877"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03108AC9-8D1F-408A-A763-75826A30F592"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BE92657-EF13-4178-A0A7-D67FB025E68A"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DC0604B-57C2-48BD-9D05-7BF323B72F1E"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57349AD7-4B02-419F-A0BA-05FB82118C28"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5123A625-F376-4565-AE73-A1D5ED857381"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "892ED37F-513A-41B4-9156-A3E97F1408C8"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD878F64-4DB5-4E8D-8102-2935D9FC8F54"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "101B7930-5D96-435F-833D-EEDCCA6A2265"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A57B9E9-C6BC-4ED6-9CB2-E7D36B4C7A6E"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEF73A59-DE7D-4031-848F-AA2A3998C946"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "494DE44F-3694-460D-B83E-398D541AD27C"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65828710-86AB-49A5-AB94-5A10E4E8C203"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "352E2F78-2796-4DB2-A68B-B5AB9826148C"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "910DAFB7-F23F-47F6-8EF5-85DACFD32950"}, {"criteria": "cpe:2.3:a:cyrus:imap:2.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E07D05DF-BDB6-4C3E-8430-DB97D3EEDA8D"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

7.5 /10