Vulnerabilities (CVE)

Filtered by vendor Postsrsd Project Subscribe
Filtered by product Postsrsd
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-35525 1 Postsrsd Project 1 Postsrsd 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."
CVE-2020-35573 2 Debian, Postsrsd Project 2 Debian Linux, Postsrsd 2024-11-21 5.0 MEDIUM 7.5 HIGH
srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address.