University of Cambridge Exim 4.94.2

CPE Details

University of Cambridge Exim 4.94.2
exim
exim
4.94.2
2021-05-06
12h09 +00:00
2021-05-28
18h24 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:exim:exim:4.94.2:*:*:*:*:*:*:*

Informations

Vendor

exim

Product

exim

Version

4.94.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-51766 2023-12-23 23h00 +00:00 Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but some other popular e-mail servers do not.
5.3
Moyen
CVE-2022-37452 2022-08-07 15h06 +00:00 Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
9.8
Critique
CVE-2022-37451 2022-08-06 15h02 +00:00 Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
7.5
Haute
CVE-2021-38371 2021-08-10 12h06 +00:00 The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
7.5
Haute