AZL-69835

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-69835.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-69835

Upstream

CVE-2025-30189

Published

2025-10-31T09:15:47Z

Modified

2026-04-21T04:36:15.029396Z

Summary

CVE-2025-30189 affecting package dovecot 2.3.20-1

Details

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted passdb/userdb drivers. No publicly available exploits are known.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-30189

Affected packages

Azure Linux:3 / dovecot

Package

Name: dovecot
Purl: pkg:rpm/azure-linux/dovecot

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

2.3.20-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-69835.json"