Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-35573 | 2 Debian, Postsrsd Project | 2 Debian Linux, Postsrsd | 2022-04-26 | 5.0 MEDIUM | 7.5 HIGH |
srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address. | |||||
CVE-2021-35525 | 1 Postsrsd Project | 1 Postsrsd | 2021-09-20 | 5.0 MEDIUM | 5.3 MEDIUM |
PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless." |