University of Cambridge Exim 4.94.2

CPE Details

University of Cambridge Exim 4.94.2
exim
exim
4.94.2
2021-05-06
12h09 +00:00
2021-05-28
18h24 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:exim:exim:4.94.2:*:*:*:*:*:*:*

Informations

Vendor

exim

Product

exim

Version

4.94.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-51766 2023-12-23 23h00 +00:00 Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but some other popular e-mail servers do not.
5.3
Medium
CVE-2022-37452 2022-08-07 15h06 +00:00 Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
9.8
Critical
CVE-2022-37451 2022-08-06 15h02 +00:00 Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
7.5
High
CVE-2021-38371 2021-08-10 12h06 +00:00 The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
7.5
High