Project

General

Profile

Actions

Security #6477

closed

SMTP: quadratic complexity from unbounded number of transaction per flow

Added by Philippe Antoine about 1 year ago. Updated 9 months ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Label:
Git IDs:

8f73a0ac5588cb5e5c501b3c7a07cb5d35b99d92

Severity:
CRITICAL
Disclosure Date:
01/24/2024


Subtasks 2 (0 open2 closed)

Security #6532: SMTP: quadratic complexity from unbounded number of transaction per flow (7.0.x backport)ClosedPhilippe AntoineActions
Security #6659: SMTP: quadratic complexity from unbounded number of transaction per flow (6.0.x backport)ClosedPhilippe AntoineActions
Actions #1

Updated by Philippe Antoine about 1 year ago

  • Status changed from New to In Review

Gitlab

Actions #2

Updated by Victor Julien about 1 year ago

  • Target version changed from 7.0.3 to 8.0.0-beta1
  • Label Needs backport to 7.0 added
Actions #3

Updated by OISF Ticketbot about 1 year ago

  • Subtask #6532 added
Actions #4

Updated by OISF Ticketbot about 1 year ago

  • Label deleted (Needs backport to 7.0)
Actions #5

Updated by Philippe Antoine 11 months ago

  • Disclosure Date set to 01/24/2024
Actions #6

Updated by Victor Julien 11 months ago

  • Severity changed from MODERATE to CRITICAL

CRITICAL as this can be used to slow down to the point of DoS.

Actions #7

Updated by Victor Julien 11 months ago

  • Label Needs backport to 6.0 added
Actions #8

Updated by OISF Ticketbot 11 months ago

  • Subtask #6659 added
Actions #9

Updated by OISF Ticketbot 11 months ago

  • Label deleted (Needs backport to 6.0)
Actions #10

Updated by Victor Julien 10 months ago

  • Status changed from In Review to Resolved
  • CVE set to 2024-23836
Actions #11

Updated by Philippe Antoine 10 months ago

  • Status changed from Resolved to Closed
  • Git IDs updated (diff)
Actions #12

Updated by Victor Julien 9 months ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF