The JSON encoder in Dovecot prior to 2.3.5.2 allows malicious users to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dovecot dovecot |
||
opensuse leap 15.0 |