Dovecot prior to 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dovecot dovecot |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |