AVG-2087 log

Package dovecot
Status Fixed
Severity High
Type information disclosure
Affected 2.3.14-2
Fixed 2.3.15-1
Current 2.3.16-3 [community]
Ticket None
Created Mon Jun 21 14:43:15 2021
Issue Severity Remote Type Description
CVE-2021-33515 High Yes Information disclosure
A security issue has been found in Dovecot before version 2.3.14.1. An on-path attacker could inject plaintext commands before the STARTTLS negotiation that...
CVE-2021-29157 Medium No Information disclosure
A security issue has been found in Dovecot before version 2.3.14.1. The kid and azp fields in JWT tokens are not correctly escaped. This may be used to...
Date Advisory Package Type
22 Jun 2021 ASA-202106-56 dovecot information disclosure