CVE-2019-10149

Опубликовано: 05 июн. 2019

Источник: ubuntu

Приоритет: medium

EPSS Критический

CVSS2: 10

CVSS3: 9.8

Описание

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Релиз	Статус	Примечание
bionic	released	4.90.1-1ubuntu1.2
cosmic	released	4.91-6ubuntu1.1
devel	not-affected	4.92-7ubuntu1
disco	not-affected	4.92-4ubuntu1
esm-infra-legacy/trusty	not-affected	4.82-3ubuntu2.4
esm-infra/bionic	released	4.90.1-1ubuntu1.2
esm-infra/xenial	not-affected	4.86.2-2ubuntu2.3
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	not-affected	4.82-3ubuntu2.4

Показывать по

Ссылки на источники

EPSS

Процентиль: 100%

0.93927

Критический

10 Critical

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2019-10149

CVSS3: 9

redhat

больше 6 лет назад

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

CVE-2019-10149

CVSS3: 9.8

nvd

больше 6 лет назад

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

CVE-2019-10149

CVSS3: 9.8

debian

больше 6 лет назад

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper v ...

openSUSE-SU-2019:1524-1

suse-cvrf

больше 6 лет назад

Security update exim

GHSA-5r7w-xvrp-rg22

CVSS3: 9.8

github

больше 3 лет назад

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

EPSS

Процентиль: 100%

0.93927

Критический

10 Critical

CVSS2

9.8 Critical

CVSS3

CVE-2019-10149

Описание

Пакет exim4

Ссылки на источники

Связанные уязвимости