Unrated severityNVD Advisory· Published Apr 2, 2020· Updated Sep 16, 2024
Local privilege escalation in exim package from user mail to root
CVE-2020-8015
Description
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords4 versionspkg:rpm/opensuse/exim&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/exim&distro=openSUSE%20Tumbleweedpkg:rpm/suse/exim&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/libspf2&distro=SUSE%20Package%20Hub%2015%20SP1
< 4.88-lp151.4.12.1+ 3 more
- (no CPE)range: < 4.88-lp151.4.12.1
- (no CPE)range: < 4.94.2-4.2
- (no CPE)range: < 4.94.2-bp151.2.4.1
- (no CPE)range: < 1.2.10-bp151.4.1
- openSUSE/Factoryv5Range: exim
Patches
Vulnerability mechanics
References
2- lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.htmlmitrevendor-advisoryx_refsource_SUSE
- bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.