0.008 Low
EPSS
Percentile
81.2%
Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection.
github.com/advisories/GHSA-w5m8-5v9m-xhx5
github.com/outflanknl/Exploits/blob/master/harakiri-CVE-2016-1000282.py
nvd.nist.gov/vuln/detail/CVE-2016-1000282