Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the designated mailbox on the opposite end of the synchronization channel. The highest threat from this vulnerability is to data confidentiality and integrity.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Sourceforge mbsync 路径遍历漏洞
Vulnerability Description
Sourceforge mbsync是美国Sourceforge社区的一个应用软件。提供同步远程IMAP邮箱和本地maildir样式的邮箱 mbsync v1.3.5 版本之前和 v1.4.1 版本之前存在路径遍历漏洞,该漏洞源于允许恶意或受攻击的服务器使用特殊制作的邮箱名。
CVSS Information
N/A
Vulnerability Type
N/A