Every CVE whose affected-product data names Isync Project Isync, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-3657 — CVSS 9.8 (critical): A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or…
CVE-2021-44143 — CVSS 9.8 (critical): A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a…
CVE-2021-3578 — CVSS 7.8 (high): A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an…
CVE-2013-0289 — CVSS 4.3 (medium): Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName…