{
  "schema_version": "1.4.0",
  "id": "GHSA-v3j8-2g92-h2q8",
  "modified": "2022-05-24T19:01:55Z",
  "published": "2022-05-24T19:01:55Z",
  "aliases": [
    "CVE-2021-32056"
  ],
  "details": "Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall.",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
    }
  ],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32056"
    },
    {
      "type": "WEB",
      "url": "https://cyrus.topicbox.com/groups/announce/T056901c106ecfce3/cyrus-imap-3-4-1-released"
    },
    {
      "type": "WEB",
      "url": "https://cyrus.topicbox.com/groups/announce/T126392718bc29d6b/cyrus-imap-3-2-7-released"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HEO3RURJW6NLIXS7NK5PVU6MGHC4SCM"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJZB45QBUN7CZFGOWCZYUYACNBTX7LVS"
    },
    {
      "type": "WEB",
      "url": "https://www.cyrusimap.org/imap/download/release-notes/3.2/x/3.2.7.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cyrusimap.org/imap/download/release-notes/3.4/x/3.4.1.html"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-732"
    ],
    "severity": "MODERATE",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-10T14:15:00Z"
  }
}