cvedb.io
CVE-2017-15132
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2018-01-25T20:29:00.213 · Last modified 2026-06-17T01:07:18.403

Summary

A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion.

Affected products

dovecot — dovecot

Does this affect you?

Add your gear to cvedb and we'll alert you only when dovecot ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.