rpm package
opensuse/exim&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/exim&distro=openSUSE%20Leap%2015.1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-8015 | — | < 4.88-lp151.4.12.1 | 4.88-lp151.4.12.1 | Apr 2, 2020 | A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. | ||
| CVE-2019-15846 | — | < 4.88-lp151.4.9.1 | 4.88-lp151.4.9.1 | Sep 6, 2019 | Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. | ||
| CVE-2019-10149 | — | KEV | < 4.88-lp151.4.3.1 | 4.88-lp151.4.3.1 | Jun 5, 2019 | A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. |
- CVE-2020-8015Apr 2, 2020affected < 4.88-lp151.4.12.1fixed 4.88-lp151.4.12.1
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
- CVE-2019-15846Sep 6, 2019affected < 4.88-lp151.4.9.1fixed 4.88-lp151.4.9.1
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
- affected < 4.88-lp151.4.3.1fixed 4.88-lp151.4.3.1
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.