Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stalwart Mail Server has Out-of-Memory Denial of Service via Malformed Nested MIME Messages
Vulnerability Description
Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested `message/rfc822` MIME parts via IMAP or JMAP causes excessive CPU and memory consumption, potentially leading to an out-of-memory condition and server crash. The malformed structure causes the `mail-parser` crate to produce cyclical references in its parsed representation, which Stalwart then follows indefinitely. Version 0.15.5 contains a patch.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Stalwart Mail Server 安全漏洞
Vulnerability Description
Stalwart Mail Server是Stalwart实验室的一体化邮件服务器。 Stalwart Mail Server 0.13.0版本至0.15.4版本存在安全漏洞,该漏洞源于处理包含畸形嵌套message/rfc822 MIME部分的特制电子邮件时,可能导致CPU和内存消耗过高,引发内存不足和服务器崩溃。
CVSS Information
N/A
Vulnerability Type
N/A