Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-40020 (GCVE-0-2026-40020)
Vulnerability from cvelistv5 – Published: 2026-05-12 13:28 – Updated: 2026-05-12 15:40- CWE-284 - Improper Access Control
| URL | Tags |
|---|---|
| https://documentation.open-xchange.com/dovecot/se… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Open-Xchange GmbH | OX Dovecot Pro |
Affected:
0 , ≤ 2.3.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T15:40:03.182471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T15:40:12.510Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"core"
],
"product": "OX Dovecot Pro",
"vendor": "Open-Xchange GmbH",
"versions": [
{
"lessThanOrEqual": "2.3.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T13:39:04.810Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
}
],
"source": {
"defect": "DOV-9040",
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2026-40020",
"datePublished": "2026-05-12T13:28:46.248Z",
"dateReserved": "2026-04-08T09:59:59.342Z",
"dateUpdated": "2026-05-12T15:40:12.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-40020",
"date": "2026-07-08",
"epss": "0.00271",
"percentile": "0.18702"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-40020\",\"sourceIdentifier\":\"security@open-xchange.com\",\"published\":\"2026-05-12T14:17:03.687\",\"lastModified\":\"2026-06-17T10:44:36.657\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known.\"}],\"affected\":[{\"source\":\"security@open-xchange.com\",\"affectedData\":[{\"vendor\":\"Open-Xchange GmbH\",\"product\":\"OX Dovecot Pro\",\"defaultStatus\":\"unaffected\",\"modules\":[\"core\"],\"versions\":[{\"version\":\"0\",\"lessThanOrEqual\":\"2.3.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@open-xchange.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-12T15:40:03.182471Z\",\"id\":\"CVE-2026-40020\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security@open-xchange.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.4\",\"matchCriteriaId\":\"86CE1F3B-DF73-431A-9EC0-491E8969A187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:open-xchange:dovecot:*:*:*:*:pro:*:*:*\",\"versionEndExcluding\":\"3.1.5\",\"matchCriteriaId\":\"28C2DD58-A4B0-4F2C-BC60-F30F380251BC\"}]}]}],\"references\":[{\"url\":\"https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json\",\"source\":\"security@open-xchange.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-40020\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-12T15:40:03.182471Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-12T15:40:08.183Z\"}}], \"cna\": {\"source\": {\"defect\": \"DOV-9040\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Open-Xchange GmbH\", \"modules\": [\"core\"], \"product\": \"OX Dovecot Pro\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.3.0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-284\", \"description\": \"Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"8ce71d90-2354-404b-a86e-bec2cc4e6981\", \"shortName\": \"OX\", \"dateUpdated\": \"2026-05-12T13:39:04.810Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-40020\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T15:40:12.510Z\", \"dateReserved\": \"2026-04-08T09:59:59.342Z\", \"assignerOrgId\": \"8ce71d90-2354-404b-a86e-bec2cc4e6981\", \"datePublished\": \"2026-05-12T13:28:46.248Z\", \"assignerShortName\": \"OX\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-40020
Vulnerability from fkie_nvd - Published: 2026-05-12 14:17 - Updated: 2026-06-17 10:444.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
| Vendor | Product | Version | |
|---|---|---|---|
| dovecot | dovecot | * | |
| open-xchange | dovecot | * |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"modules": [
"core"
],
"product": "OX Dovecot Pro",
"vendor": "Open-Xchange GmbH",
"versions": [
{
"lessThanOrEqual": "2.3.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"source": "security@open-xchange.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CE1F3B-DF73-431A-9EC0-491E8969A187",
"versionEndExcluding": "2.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:dovecot:*:*:*:*:pro:*:*:*",
"matchCriteriaId": "28C2DD58-A4B0-4F2C-BC60-F30F380251BC",
"versionEndExcluding": "3.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known."
}
],
"id": "CVE-2026-40020",
"lastModified": "2026-06-17T10:44:36.657",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-40020",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T15:40:03.182471Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-05-12T14:17:03.687",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
],
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-H6RP-9MJF-6X88
Vulnerability from github – Published: 2026-05-12 15:31 – Updated: 2026-05-12 15:31Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known.
{
"affected": [],
"aliases": [
"CVE-2026-40020"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T14:17:03Z",
"severity": "LOW"
},
"details": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known.",
"id": "GHSA-h6rp-9mjf-6x88",
"modified": "2026-05-12T15:31:40Z",
"published": "2026-05-12T15:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40020"
},
{
"type": "WEB",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
OXDC-ADV-2026-0002
Vulnerability from csaf_ox - Published: 2026-05-05 00:00 - Updated: 2026-05-12 00:00When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.4
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.4:*:*:*:*:*:*:*
|
3.1.4 |
Vendor Fix
|
|
OX Dovecot CE 2.4.3
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.3:*:*:*:*:*:*:*
|
2.4.3 |
Vendor Fix
|
Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 times of the configured limit.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 2.3.0
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:2.3.0:*:*:*:*:*:*:*
|
2.3.0 |
Vendor Fix
|
Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.0
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.0:*:*:*:*:*:*:*
|
3.1.0 |
Vendor Fix
|
|
OX Dovecot CE 2.4.0
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.0:*:*:*:*:*:*:*
|
2.4.0 |
Vendor Fix
|
Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users.
CWE-284 - Improper Access Control| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 2.3.0
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:2.3.0:*:*:*:*:*:*:*
|
2.3.0 |
Vendor Fix
|
An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.0.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.0.5:*:*:*:*:*:*:*
|
3.0.5 |
Vendor Fix
|
|
OX Dovecot Pro 3.1.4
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.4:*:*:*:*:*:*:*
|
3.1.4 |
Vendor Fix
|
|
OX Dovecot CE 2.4.3
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.3:*:*:*:*:*:*:*
|
2.4.3 |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"text": "HIGH"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Open-Xchange GmbH. All rights reserved.",
"tlp": {
"label": "GREEN",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License (https://creativecommons.org/licenses/by-nd/4.0/). If you distribute this content, you must provide attribution to Open-Xchange GmbH and provide a link to the original. You may not distribute a modified version of this content.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"name": "Open-Xchange GmbH",
"namespace": "https://open-xchange.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical CSAF document",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
},
{
"category": "self",
"summary": "Markdown representation",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/md/2026/oxdc-adv-2026-0002.md"
},
{
"category": "self",
"summary": "HTML representation",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/html/2026/oxdc-adv-2026-0002.html"
},
{
"category": "self",
"summary": "Plain-text representation",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/txt/2026/oxdc-adv-2026-0002.txt"
}
],
"title": "OX Dovecot Security Advisory OXDC-ADV-2026-0002",
"tracking": {
"current_release_date": "2026-05-12T00:00:00+00:00",
"generator": {
"date": "2026-05-12T13:38:55+00:00",
"engine": {
"name": "OX CSAF",
"version": "1.0.0"
}
},
"id": "OXDC-ADV-2026-0002",
"initial_release_date": "2026-05-05T00:00:00+00:00",
"revision_history": [
{
"date": "2026-05-05T00:00:00+00:00",
"number": "1",
"summary": "Initial release"
},
{
"date": "2026-05-12T00:00:00+00:00",
"number": "2",
"summary": "Public release"
},
{
"date": "2026-05-12T00:00:00+00:00",
"number": "3",
"summary": "Public release"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.1.4",
"product": {
"name": "OX Dovecot Pro 3.1.4",
"product_id": "OXDC-PRO_3.1.4",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "3.1.5",
"product": {
"name": "OX Dovecot Pro 3.1.5",
"product_id": "OXDC-PRO_3.1.5",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.3.0",
"product": {
"name": "OX Dovecot Pro 2.3.0",
"product_id": "OXDC-PRO_2.3.0",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "3.1.0",
"product": {
"name": "OX Dovecot Pro 3.1.0",
"product_id": "OXDC-PRO_3.1.0",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "3.0.5",
"product": {
"name": "OX Dovecot Pro 3.0.5",
"product_id": "OXDC-PRO_3.0.5",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.0.5:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "OX Dovecot Pro"
},
{
"branches": [
{
"category": "product_version",
"name": "2.4.3",
"product": {
"name": "OX Dovecot CE 2.4.3",
"product_id": "OXDC-CE_2.4.3",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.4.4",
"product": {
"name": "OX Dovecot CE 2.4.4",
"product_id": "OXDC-CE_2.4.4",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.4.0",
"product": {
"name": "OX Dovecot CE 2.4.0",
"product_id": "OXDC-CE_2.4.0",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "OX Dovecot CE"
}
],
"category": "vendor",
"name": "Open-Xchange GmbH"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"caprinuxx@yeswehack"
]
}
],
"cve": "CVE-2026-27851",
"cwe": {
"id": "CWE-235",
"name": "Improper Handling of Extra Parameters"
},
"discovery_date": "2026-03-29T16:37:17+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-8967"
}
],
"notes": [
{
"category": "description",
"text": "When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Avoid using safe filter until on fixed version.",
"product_ids": [
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "This can enable SQL / LDAP injection attacks when used in authentication."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "lib-var-expand: Safe filter leaks to all following pipelines"
},
{
"acknowledgments": [
{
"names": [
"djvirus@yeswehack"
]
}
],
"cve": "CVE-2026-40016",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-03-24T13:00:23+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-8948"
}
],
"notes": [
{
"category": "description",
"text": "Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 times of the configured limit."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_2.3.0"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install fixed version, or alternatively prevent direct access to Sieve scripts via ManageSieve or local access.",
"product_ids": [
"OXDC-PRO_2.3.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OXDC-PRO_2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "Sieve :contains/:matches O(N\u00d7M) Substring Match Bypasses sieve_max_cpu_time Limit (130\u00d7 Overrun)"
},
{
"acknowledgments": [
{
"names": [
"ylwango613@yeswehack"
]
}
],
"cve": "CVE-2026-33603",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"discovery_date": "2026-04-08T06:10:32+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-9030"
}
],
"notes": [
{
"category": "description",
"text": "Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_3.1.0",
"OXDC-CE_2.4.0"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install fixed version.",
"product_ids": [
"OXDC-PRO_3.1.0",
"OXDC-CE_2.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"OXDC-PRO_3.1.0",
"OXDC-CE_2.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "If successful, the attacker can eavesdrop communications between Dovecot and client as MITM proxy."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "login: Base64 input can contain tabs that bypass IPC protection"
},
{
"acknowledgments": [
{
"names": [
"ilhamaf@yeswehack"
]
}
],
"cve": "CVE-2026-40020",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2026-04-08T09:42:22+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-9040"
}
],
"notes": [
{
"category": "description",
"text": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_2.3.0"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install to fixed version.",
"product_ids": [
"OXDC-PRO_2.3.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"OXDC-PRO_2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "The impact is limited to being able to spam folders to other users, no unexpected access is gained."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "IMAP folders can be shared-spammed to everyone"
},
{
"acknowledgments": [
{
"names": [
"D4RKCYPH3R@yeswehack"
]
}
],
"cve": "CVE-2026-42006",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-04-27T14:38:12+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-9138"
}
],
"notes": [
{
"category": "description",
"text": "An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_3.0.5",
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install fixed version, or configure vsz_limit for imap process to low value.",
"product_ids": [
"OXDC-PRO_3.0.5",
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"OXDC-PRO_3.0.5",
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Using excessive bracing, attacker can cause memory usage up to configured memory limit."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "imap-login: Excessive memory usage DoS - Try 2"
}
]
}
SUSE-SU-2026:22185-1
Vulnerability from csaf_suse - Published: 2026-06-19 17:04 - Updated: 2026-06-19 17:04| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dovecot24",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for dovecot24 fixes the following issues\n\n- CVE-2026-27851: lib-var-expand: safe filter leaks to all following pipelines (bsc#1265146).\n- CVE-2026-33603: login: base64 input can contain tabs that bypass IPC protection (bsc#1265147).\n- CVE-2026-40016: Sieve: contains/: matches O(NxM) substring match bypasses sieve_max_cpu_time limit (bsc#1265148).\n- CVE-2026-40020: IMAP folders can be shared-spammed to everyone (bsc#1265149).\n- CVE-2026-42006: imap-login: uncontrolled memory usage with excessive bracing over IMAP (bsc#1265150).\n\nChanges for dovecot24:\n\n- Update to 2.4.4\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-974",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22185-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22185-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622185-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22185-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047523.html"
},
{
"category": "self",
"summary": "SUSE Bug 1265146",
"url": "https://bugzilla.suse.com/1265146"
},
{
"category": "self",
"summary": "SUSE Bug 1265147",
"url": "https://bugzilla.suse.com/1265147"
},
{
"category": "self",
"summary": "SUSE Bug 1265148",
"url": "https://bugzilla.suse.com/1265148"
},
{
"category": "self",
"summary": "SUSE Bug 1265149",
"url": "https://bugzilla.suse.com/1265149"
},
{
"category": "self",
"summary": "SUSE Bug 1265150",
"url": "https://bugzilla.suse.com/1265150"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27851 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33603 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-40016 page",
"url": "https://www.suse.com/security/cve/CVE-2026-40016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-40020 page",
"url": "https://www.suse.com/security/cve/CVE-2026-40020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42006 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42006/"
}
],
"title": "Security update for dovecot24",
"tracking": {
"current_release_date": "2026-06-19T17:04:26Z",
"generator": {
"date": "2026-06-19T17:04:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22185-1",
"initial_release_date": "2026-06-19T17:04:26Z",
"revision_history": [
{
"date": "2026-06-19T17:04:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dovecot24-2.4.4-160000.1.1.aarch64",
"product": {
"name": "dovecot24-2.4.4-160000.1.1.aarch64",
"product_id": "dovecot24-2.4.4-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"product": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"product_id": "dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"product": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"product_id": "dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"product": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"product_id": "dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot24-devel-2.4.4-160000.1.1.aarch64",
"product": {
"name": "dovecot24-devel-2.4.4-160000.1.1.aarch64",
"product_id": "dovecot24-devel-2.4.4-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-2.4.4-160000.1.1.aarch64",
"product": {
"name": "dovecot24-fts-2.4.4-160000.1.1.aarch64",
"product_id": "dovecot24-fts-2.4.4-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"product": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"product_id": "dovecot24-fts-solr-2.4.4-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot24-2.4.4-160000.1.1.ppc64le",
"product": {
"name": "dovecot24-2.4.4-160000.1.1.ppc64le",
"product_id": "dovecot24-2.4.4-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"product": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"product_id": "dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"product": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"product_id": "dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"product": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"product_id": "dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"product": {
"name": "dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"product_id": "dovecot24-devel-2.4.4-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"product": {
"name": "dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"product_id": "dovecot24-fts-2.4.4-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"product": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"product_id": "dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot24-2.4.4-160000.1.1.s390x",
"product": {
"name": "dovecot24-2.4.4-160000.1.1.s390x",
"product_id": "dovecot24-2.4.4-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"product": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"product_id": "dovecot24-backend-mysql-2.4.4-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"product": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"product_id": "dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"product": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"product_id": "dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "dovecot24-devel-2.4.4-160000.1.1.s390x",
"product": {
"name": "dovecot24-devel-2.4.4-160000.1.1.s390x",
"product_id": "dovecot24-devel-2.4.4-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-2.4.4-160000.1.1.s390x",
"product": {
"name": "dovecot24-fts-2.4.4-160000.1.1.s390x",
"product_id": "dovecot24-fts-2.4.4-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"product": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"product_id": "dovecot24-fts-solr-2.4.4-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot24-2.4.4-160000.1.1.x86_64",
"product": {
"name": "dovecot24-2.4.4-160000.1.1.x86_64",
"product_id": "dovecot24-2.4.4-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"product": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"product_id": "dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"product": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"product_id": "dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"product": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"product_id": "dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot24-devel-2.4.4-160000.1.1.x86_64",
"product": {
"name": "dovecot24-devel-2.4.4-160000.1.1.x86_64",
"product_id": "dovecot24-devel-2.4.4-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-2.4.4-160000.1.1.x86_64",
"product": {
"name": "dovecot24-fts-2.4.4-160000.1.1.x86_64",
"product_id": "dovecot24-fts-2.4.4-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"product": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"product_id": "dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-devel-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-devel-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-fts-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot24-fts-solr-2.4.4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
},
"product_reference": "dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27851"
}
],
"notes": [
{
"category": "general",
"text": "When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27851",
"url": "https://www.suse.com/security/cve/CVE-2026-27851"
},
{
"category": "external",
"summary": "SUSE Bug 1265146 for CVE-2026-27851",
"url": "https://bugzilla.suse.com/1265146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-19T17:04:26Z",
"details": "important"
}
],
"title": "CVE-2026-27851"
},
{
"cve": "CVE-2026-33603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33603"
}
],
"notes": [
{
"category": "general",
"text": "Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and client as MITM proxy. Install fixed version. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33603",
"url": "https://www.suse.com/security/cve/CVE-2026-33603"
},
{
"category": "external",
"summary": "SUSE Bug 1265147 for CVE-2026-33603",
"url": "https://bugzilla.suse.com/1265147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-19T17:04:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-33603"
},
{
"cve": "CVE-2026-40016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-40016"
}
],
"notes": [
{
"category": "general",
"text": "Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed version, or alternatively prevent direct access to Sieve scripts via ManageSieve or local access. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-40016",
"url": "https://www.suse.com/security/cve/CVE-2026-40016"
},
{
"category": "external",
"summary": "SUSE Bug 1265148 for CVE-2026-40016",
"url": "https://bugzilla.suse.com/1265148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-19T17:04:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-40016"
},
{
"cve": "CVE-2026-40020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-40020"
}
],
"notes": [
{
"category": "general",
"text": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-40020",
"url": "https://www.suse.com/security/cve/CVE-2026-40020"
},
{
"category": "external",
"summary": "SUSE Bug 1265149 for CVE-2026-40020",
"url": "https://bugzilla.suse.com/1265149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-19T17:04:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-40020"
},
{
"cve": "CVE-2026-42006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42006"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit. Using excessive bracing, attacker can cause memory usage up to configured memory limit. Install fixed version, or configure vsz_limit for imap process to low value. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42006",
"url": "https://www.suse.com/security/cve/CVE-2026-42006"
},
{
"category": "external",
"summary": "SUSE Bug 1265150 for CVE-2026-42006",
"url": "https://bugzilla.suse.com/1265150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-mysql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-pgsql-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-backend-sqlite-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-devel-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-2.4.4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dovecot24-fts-solr-2.4.4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-19T17:04:26Z",
"details": "important"
}
],
"title": "CVE-2026-42006"
}
]
}
SUSE-SU-2026:2645-1
Vulnerability from csaf_suse - Published: 2026-06-26 09:00 - Updated: 2026-06-26 09:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dovecot22",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for dovecot22 fixes the following issues\n\n- CVE-2026-33603: login: base64 input can contain tabs that bypass IPC protection (bsc#1265147).\n- CVE-2026-40020: IMAP folders can be shared-spammed to everyone (bsc#1265149).\n- CVE-2026-42006: imap-login: uncontrolled memory usage with excessive bracing over IMAP (bsc#1265150).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2645,SUSE-SLE-SERVER-12-SP5-LTSS-2026-2645,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2645",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2645-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2645-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262645-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2645-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047644.html"
},
{
"category": "self",
"summary": "SUSE Bug 1265147",
"url": "https://bugzilla.suse.com/1265147"
},
{
"category": "self",
"summary": "SUSE Bug 1265149",
"url": "https://bugzilla.suse.com/1265149"
},
{
"category": "self",
"summary": "SUSE Bug 1265150",
"url": "https://bugzilla.suse.com/1265150"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33603 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-40020 page",
"url": "https://www.suse.com/security/cve/CVE-2026-40020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42006 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42006/"
}
],
"title": "Security update for dovecot22",
"tracking": {
"current_release_date": "2026-06-26T09:00:41Z",
"generator": {
"date": "2026-06-26T09:00:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2645-1",
"initial_release_date": "2026-06-26T09:00:41Z",
"revision_history": [
{
"date": "2026-06-26T09:00:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dovecot22-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-backend-mysql-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-devel-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-devel-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-devel-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-fts-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-fts-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-fts-lucene-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-solr-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-fts-solr-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-fts-solr-2.2.31-19.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-squat-2.2.31-19.37.2.aarch64",
"product": {
"name": "dovecot22-fts-squat-2.2.31-19.37.2.aarch64",
"product_id": "dovecot22-fts-squat-2.2.31-19.37.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot22-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-2.2.31-19.37.2.i586",
"product_id": "dovecot22-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.i586",
"product_id": "dovecot22-backend-mysql-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.i586",
"product_id": "dovecot22-backend-pgsql-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.i586",
"product_id": "dovecot22-backend-sqlite-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-devel-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-devel-2.2.31-19.37.2.i586",
"product_id": "dovecot22-devel-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-fts-2.2.31-19.37.2.i586",
"product_id": "dovecot22-fts-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.i586",
"product_id": "dovecot22-fts-lucene-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-solr-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-fts-solr-2.2.31-19.37.2.i586",
"product_id": "dovecot22-fts-solr-2.2.31-19.37.2.i586"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-squat-2.2.31-19.37.2.i586",
"product": {
"name": "dovecot22-fts-squat-2.2.31-19.37.2.i586",
"product_id": "dovecot22-fts-squat-2.2.31-19.37.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot22-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-devel-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-devel-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-devel-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-fts-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-fts-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-fts-lucene-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-solr-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-fts-solr-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-fts-solr-2.2.31-19.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-squat-2.2.31-19.37.2.ppc64le",
"product": {
"name": "dovecot22-fts-squat-2.2.31-19.37.2.ppc64le",
"product_id": "dovecot22-fts-squat-2.2.31-19.37.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot22-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-2.2.31-19.37.2.s390",
"product_id": "dovecot22-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.s390",
"product_id": "dovecot22-backend-mysql-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390",
"product_id": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390",
"product_id": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-devel-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-devel-2.2.31-19.37.2.s390",
"product_id": "dovecot22-devel-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-fts-2.2.31-19.37.2.s390",
"product_id": "dovecot22-fts-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.s390",
"product_id": "dovecot22-fts-lucene-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-solr-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-fts-solr-2.2.31-19.37.2.s390",
"product_id": "dovecot22-fts-solr-2.2.31-19.37.2.s390"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-squat-2.2.31-19.37.2.s390",
"product": {
"name": "dovecot22-fts-squat-2.2.31-19.37.2.s390",
"product_id": "dovecot22-fts-squat-2.2.31-19.37.2.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot22-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-backend-mysql-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-devel-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-devel-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-devel-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-fts-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-fts-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-fts-lucene-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-solr-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-fts-solr-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-fts-solr-2.2.31-19.37.2.s390x"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-squat-2.2.31-19.37.2.s390x",
"product": {
"name": "dovecot22-fts-squat-2.2.31-19.37.2.s390x",
"product_id": "dovecot22-fts-squat-2.2.31-19.37.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dovecot22-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-devel-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-devel-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-devel-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-fts-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-fts-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-fts-lucene-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-fts-lucene-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-solr-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-fts-solr-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-fts-solr-2.2.31-19.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "dovecot22-fts-squat-2.2.31-19.37.2.x86_64",
"product": {
"name": "dovecot22-fts-squat-2.2.31-19.37.2.x86_64",
"product_id": "dovecot22-fts-squat-2.2.31-19.37.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dovecot22-devel-2.2.31-19.37.2.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
},
"product_reference": "dovecot22-devel-2.2.31-19.37.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33603"
}
],
"notes": [
{
"category": "general",
"text": "Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and client as MITM proxy. Install fixed version. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33603",
"url": "https://www.suse.com/security/cve/CVE-2026-33603"
},
{
"category": "external",
"summary": "SUSE Bug 1265147 for CVE-2026-33603",
"url": "https://bugzilla.suse.com/1265147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-26T09:00:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-33603"
},
{
"cve": "CVE-2026-40020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-40020"
}
],
"notes": [
{
"category": "general",
"text": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-40020",
"url": "https://www.suse.com/security/cve/CVE-2026-40020"
},
{
"category": "external",
"summary": "SUSE Bug 1265149 for CVE-2026-40020",
"url": "https://bugzilla.suse.com/1265149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-26T09:00:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-40020"
},
{
"cve": "CVE-2026-42006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42006"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit. Using excessive bracing, attacker can cause memory usage up to configured memory limit. Install fixed version, or configure vsz_limit for imap process to low value. No publicly available exploits are known.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42006",
"url": "https://www.suse.com/security/cve/CVE-2026-42006"
},
{
"category": "external",
"summary": "SUSE Bug 1265150 for CVE-2026-42006",
"url": "https://bugzilla.suse.com/1265150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.s390x",
"SUSE Linux Enterprise Server 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-mysql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-pgsql-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-backend-sqlite-2.2.31-19.37.2.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dovecot22-devel-2.2.31-19.37.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-26T09:00:41Z",
"details": "important"
}
],
"title": "CVE-2026-42006"
}
]
}
WID-SEC-W-2026-1510
Vulnerability from csaf_certbund - Published: 2026-05-12 22:00 - Updated: 2026-06-07 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dovecot ist ein Open Source IMAP und POP3 E-Mail Server.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in OX Dovecot Pro ausnutzen, um SQL-Injection-Angriffe durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren oder offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1510 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1510.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1510 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1510"
},
{
"category": "external",
"summary": "Dovecot Security Advisory OXDC-2026-0002 vom 2026-05-12",
"url": "https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/thread/YQYBB3NJPNFFJ4SHDU7PLXLRRGHBJKSK/"
},
{
"category": "external",
"summary": "Dovecot and Pigeonhole v2.4.4 Released vom 2026-05-12",
"url": "https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/thread/YW7GVOH3VVLNAYW2C4TEBTGJW52J7F6H/"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-h6rp-9mjf-6x88 vom 2026-05-12",
"url": "https://github.com/advisories/GHSA-h6rp-9mjf-6x88"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10766-1 vom 2026-05-14",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GKQUS3KTDTOKH7A7YH4AAZDWVAKVZKBY/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-96EEB03B88 vom 2026-05-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-96eeb03b88"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-693373747F vom 2026-05-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-693373747f"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6313 vom 2026-05-31",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00224.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8365-1 vom 2026-06-02",
"url": "https://ubuntu.com/security/notices/USN-8365-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4617 vom 2026-06-05",
"url": "https://lists.debian.org/debian-lts-announce/2026/06/msg00006.html"
}
],
"source_lang": "en-US",
"title": "OX Dovecot Pro: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-07T22:00:00.000+00:00",
"generator": {
"date": "2026-06-08T09:29:20.921+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1510",
"initial_release_date": "2026-05-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2026-05-31T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-06-02T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-06-07T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Debian aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "OX Pro core \u003c3.1.5",
"product": {
"name": "Open Source Dovecot OX Pro core \u003c3.1.5",
"product_id": "T053959"
}
},
{
"category": "product_version",
"name": "OX Pro core 3.1.5",
"product": {
"name": "Open Source Dovecot OX Pro core 3.1.5",
"product_id": "T053959-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dovecot:dovecot:ox_pro_core__3.1.5"
}
}
},
{
"category": "product_version_range",
"name": "OX Pro core \u003c2.4.4",
"product": {
"name": "Open Source Dovecot OX Pro core \u003c2.4.4",
"product_id": "T053960"
}
},
{
"category": "product_version",
"name": "OX Pro core 2.4.4",
"product": {
"name": "Open Source Dovecot OX Pro core 2.4.4",
"product_id": "T053960-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dovecot:dovecot:ox_pro_core__2.4.4"
}
}
}
],
"category": "product_name",
"name": "Dovecot"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27851",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-27851"
},
{
"cve": "CVE-2026-40016",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-40016"
},
{
"cve": "CVE-2026-33603",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-33603"
},
{
"cve": "CVE-2026-40020",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-40020"
},
{
"cve": "CVE-2026-42006",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-42006"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.