Lucene search

K
cvelistApacheCVELIST:CVE-2019-12420
HistoryDec 12, 2019 - 10:16 p.m.

CVE-2019-12420

2019-12-1222:16:05
apache
www.cve.org

7.4 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.4%

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.

CNA Affected

[
  {
    "product": "Apache SpamAssassin",
    "vendor": "Apache",
    "versions": [
      {
        "status": "affected",
        "version": "Apache SpamAssassin prior to 3.4.3"
      }
    ]
  }
]

References