Description
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection.
References
- https://nvd.nist.gov/vuln/detail/CVE-2025-26794
- https://github.com/NixOS/nixpkgs/pull/383926
- https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d
- https://bugzilla.suse.com/show_bug.cgi?id=1237424
- https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305
- https://exim.org
- https://github.com/Exim/exim/wiki/EximSecurity
- https://www.exim.org/static/doc/security/CVE-2025-26794.txt
- http://www.openwall.com/lists/oss-security/2025/02/19/1
- http://www.openwall.com/lists/oss-security/2025/02/21/4
- http://www.openwall.com/lists/oss-security/2025/02/21/5
Related vulnerabilities
CVSS3: 7.5
ubuntu
4 months ago
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection.
CVSS3: 7.5
redhat
4 months ago
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection.
CVSS3: 7.5
nvd
4 months ago
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection.
CVSS3: 7.5
debian
4 months ago
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are ...
CVSS3: 7.5
fstec
4 months ago
Vulnerability in the SQLite hints and ETRN serialization functions of the Exim mail server that allows an attacker to cause a denial of service