CVE-2020-14928

Published: 2020-07-17T16:15Z

Last Modified: 2024-11-21T05:04Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection." > MITRE Terms of Use apply – see LICENSE‑MITRE.txt