Moderate severityNVD Advisory· Published Mar 9, 2022· Updated Apr 23, 2025
Maddy Mail Server does not implement account expiry
CVE-2022-24732
Description
Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are advised to upgrade. Users unable to upgrade should manually remove expired accounts via existing filtering mechanisms.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/foxcpp/maddyGo | < 0.5.4 | 0.5.4 |
Affected products
2- foxcpp/maddyv5Range: < 0.5.4
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-6cp7-g972-w9m9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-24732ghsaADVISORY
- github.com/foxcpp/maddy/commit/7ee6a39c6a1939b376545f030a5efd6f90913583ghsax_refsource_MISCWEB
- github.com/foxcpp/maddy/releases/tag/v0.5.4ghsaWEB
- github.com/foxcpp/maddy/security/advisories/GHSA-6cp7-g972-w9m9ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.