VYPR
High severity7.4OSV Advisory· Published Mar 18, 2024· Updated Apr 15, 2026

CVE-2024-28054

CVE-2024-28054

Description

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict (relative to some mail user agents) when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Amavis/AmavisOSV2 versions
    amavis-0.1.1, amavis-0.2.0-pre6, amavis-0.2.1-pre3, …+ 1 more
    • (no CPE)range: amavis-0.1.1, amavis-0.2.0-pre6, amavis-0.2.1-pre3, …
    • (no CPE)range: <2.12.3, <2.13.1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.