This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
In Dovecot before 126.96.36.199 and 2.3.x before 188.8.131.52 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
CVSS 3.x Severity and Metrics:
CVSS 2.0 Severity and Metrics: