Mbsync · Mbsync · CVE-2021-44143
Name of the Vulnerable Software and Affected Versions:
isync versions 1.4.0 through 1.4.3
Description:
A flaw was found in mbsync due to an unchecked condition, allowing a malicious or compromised IMAP server to use a crafted mail message that lacks headers to provoke a heap overflow, which could conceivably be exploited for remote code execution.
Recommendations:
For versions 1.4.0 through 1.4.3, update to a version outside of this range to mitigate the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.