rpm package
opensuse/exim&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/exim&distro=openSUSE%20Tumbleweed
Vulnerabilities (53)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-53881 | Med | — | < 4.98.2-4.1 | 4.98.2-4.1 | Oct 2, 2025 | A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1. | |
| CVE-2025-30232 | — | < 4.98.2-1.1 | 4.98.2-1.1 | Mar 27, 2025 | A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges. | ||
| CVE-2025-26794 | — | < 4.98.2-1.1 | 4.98.2-1.1 | Feb 21, 2025 | Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. (Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations.) | ||
| CVE-2024-39929 | — | < 4.98-1.1 | 4.98-1.1 | Jul 4, 2024 | Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. | ||
| CVE-2023-42119 | — | < 4.96.2-1.1 | 4.96.2-1.1 | May 3, 2024 | Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wi | ||
| CVE-2023-42117 | — | < 4.96.2-1.1 | 4.96.2-1.1 | May 3, 2024 | Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wi | ||
| CVE-2023-42116 | — | < 4.96.1-1.1 | 4.96.1-1.1 | May 3, 2024 | Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wit | ||
| CVE-2023-42115 | — | < 4.96.1-1.1 | 4.96.1-1.1 | May 3, 2024 | Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp serv | ||
| CVE-2023-42114 | — | < 4.96.1-1.1 | 4.96.1-1.1 | May 3, 2024 | Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wit | ||
| CVE-2023-51766 | — | < 4.97.1-1.1 | 4.97.1-1.1 | Dec 24, 2023 | Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim | ||
| CVE-2022-3559 | — | < 4.96-3.1 | 4.96-3.1 | Oct 17, 2022 | A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a pa | ||
| CVE-2020-28026 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers t | ||
| CVE-2020-28025 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory. | ||
| CVE-2020-28024 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF. | ||
| CVE-2020-28023 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client. | ||
| CVE-2020-28022 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands. | ||
| CVE-2020-28021 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command. | ||
| CVE-2020-28020 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction. | ||
| CVE-2020-28019 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA. | ||
| CVE-2020-28018 | — | < 4.94.2-4.2 | 4.94.2-4.2 | May 6, 2021 | Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL. |
- affected < 4.98.2-4.1fixed 4.98.2-4.1
A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.
- CVE-2025-30232Mar 27, 2025affected < 4.98.2-1.1fixed 4.98.2-1.1
A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.
- CVE-2025-26794Feb 21, 2025affected < 4.98.2-1.1fixed 4.98.2-1.1
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. (Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations.)
- CVE-2024-39929Jul 4, 2024affected < 4.98-1.1fixed 4.98-1.1
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.
- CVE-2023-42119May 3, 2024affected < 4.96.2-1.1fixed 4.96.2-1.1
Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wi
- CVE-2023-42117May 3, 2024affected < 4.96.2-1.1fixed 4.96.2-1.1
Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wi
- CVE-2023-42116May 3, 2024affected < 4.96.1-1.1fixed 4.96.1-1.1
Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wit
- CVE-2023-42115May 3, 2024affected < 4.96.1-1.1fixed 4.96.1-1.1
Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp serv
- CVE-2023-42114May 3, 2024affected < 4.96.1-1.1fixed 4.96.1-1.1
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists wit
- CVE-2023-51766Dec 24, 2023affected < 4.97.1-1.1fixed 4.97.1-1.1
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim
- CVE-2022-3559Oct 17, 2022affected < 4.96-3.1fixed 4.96-3.1
A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a pa
- CVE-2020-28026May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers t
- CVE-2020-28025May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.
- CVE-2020-28024May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
- CVE-2020-28023May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.
- CVE-2020-28022May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
- CVE-2020-28021May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.
- CVE-2020-28020May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.
- CVE-2020-28019May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.
- CVE-2020-28018May 6, 2021affected < 4.94.2-4.2fixed 4.94.2-4.2
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
Page 1 of 3