CVE-2021-28994

HIGH

7.5

CVSS Severity Score

EPSS Score0.1020%

EPSS Percentile23.46th

PublishedMar 31, 2021

Last ModifiedNov 21, 2024

Vulnerability Description

kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers.

Affected Platforms (CPE)

📦

Kopano

Groupware Core

<= 8.7.16

📦

Kopano

Groupware Core

>= 9.0.0 and <= 9.1.0

📦

Kopano

Groupware Core

>= 10.0.0 and <= 10.0.7

📦

Kopano

Groupware Core

>= 11.0.0 and <= 11.0.1

📦

Zarafa

>= 6.30.0 and <= 7.2.6

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2021/04/01/1

🔗 http://www.openwall.com/lists/oss-security/2021/04/25/1

🔗 https://www.openwall.com/lists/oss-security/2021/03/19/6

🔗 http://www.openwall.com/lists/oss-security/2021/04/01/1

🔗 http://www.openwall.com/lists/oss-security/2021/04/25/1

🔗 https://www.openwall.com/lists/oss-security/2021/03/19/6

Vulnerability Description

Affected Platforms (CPE)

Groupware Core

Groupware Core

Groupware Core

Groupware Core

Zarafa

References & Advisories

Related Vulnerabilities