isync

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description IMAP and MailDir mailbox synchronizer
Version 1.4.3-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-2579 1.4.3-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-44143 AVG-2579 Medium Yes Arbitrary code execution
A security issue was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2042 1.4.1-1 1.4.2-1 Medium Fixed
AVG-1598 1.3.3-1 1.3.5-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-20247 AVG-1598 High Yes Directory traversal
A security issue was found in isync/mbsync before versions 1.3.5 and 1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur,...
CVE-2021-3578 AVG-2042 Medium Yes Arbitrary code execution
A security issue was found in mbsync before version 1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary...

Advisories

Date Advisory Group Severity Type
09 Jun 2021 ASA-202106-27 AVG-2042 Medium arbitrary code execution
27 Feb 2021 ASA-202102-38 AVG-1598 High directory traversal