CVE-2021-28994

high

Description

kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers.

References

Advisories
More

http://www.openwall.com/lists/oss-security/2021/04/25/1

http://www.openwall.com/lists/oss-security/2021/04/01/1

https://www.openwall.com/lists/oss-security/2021/03/19/6

Details

Source: Mitre, NVD

Published: 2021-03-31

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00408

Detections

Analytics