Lucene search
+L

CVE-2020-1931

🗓️ 30 Jan 2020 17:38:42Reported by Debian Security Bug TrackerType 
debiancve
 debiancve
🔗 security-tracker.debian.org👁 36 Views

A command execution issue in Apache SpamAssassin prior to 3.4.3 allows nefarious .cf files to run system commands, but attempts to exploit the issue will throw warnings. Upgrading to SA 3.4.4 and using trusted update channels or .cf files is recommended

Related
Packages
OSOS VersionArchitecturePackagePackage VersionFilename
Debian11anyspamassassin3.4.4~rc1-1spamassassin_3.4.4~rc1-1_any.deb
Debian12anyspamassassin3.4.4~rc1-1spamassassin_3.4.4~rc1-1_any.deb
Debian13anyspamassassin3.4.4~rc1-1spamassassin_3.4.4~rc1-1_any.deb
Debian14anyspamassassin3.4.4~rc1-1spamassassin_3.4.4~rc1-1_any.deb
Debian999anyspamassassin3.4.4~rc1-1spamassassin_3.4.4~rc1-1_any.deb

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

30 Jan 2020 17:38Current
6.9Medium risk
Vulners AI Score6.9
CVSS 3.18.1
CVSS 29.3
EPSS0.06464
36