PT-2024-29389 · Unknown+1 · Email-Mime+1

Marc Bradshaw

Published

2020-05-09

Updated

2025-08-26

CVE-2024-4140

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Email-MIME versions prior to 1.954

Description An excessive memory use issue exists in Email-MIME, which can cause denial of service when parsing multipart MIME messages. The issue is related to excessive depth and the total number of parts in these messages.

Recommendations For versions prior to 1.954, update to version 1.954 or later to resolve the issue. As a temporary workaround, consider limiting the depth and total number of parts when parsing multipart MIME messages to minimize the risk of denial of service.

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

BDU:2025-15229

CVE-2024-4140

MGASA-2024-0198

OPENSUSE-SU-2024:13973-1

Affected Products

Debian

Email-Mime

PT-2024-29389 · Unknown+1 · Email-Mime+1

CVE-2024-4140

Weakness Enumeration

Related Identifiers

Affected Products

References · 30