An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set (from 2020 and 2024) limits excessive depth and the total number of parts.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published: 2024-05-02T19:59:20.917Z
Updated: 2024-08-01T20:33:52.936Z
Reserved: 2024-04-24T17:32:29.243Z
Link: CVE-2024-4140
Vulnrichment
Updated: 2024-08-01T20:33:52.936Z
NVD
Status : Awaiting Analysis
Published: 2024-05-02T20:15:07.333
Modified: 2024-06-10T18:15:36.313
Link: CVE-2024-4140
Redhat
No data.