Several vulnerabilities have been discovered in the dovecot-dev email server. CVE-2020-24386 When imap hibernation is active, an attacker can cause dovecot-dev to discover file system directory structures and access other users" emails via specially crafted commands. CVE-2020-25275 Innokentii Sennovskiy reported that the mail delivery and parsing in dovecot-dev can crash when the 10000th MIME part is message/rfc822 . This flaw was introduced by earlier changes addressing CVE-2020-12100.