Lucene search
K

27 matches found

OSV
OSV
added 2025/09/25 10:39 a.m.6 views

CLSA-2025-1758796775 spamassassin: Fix of 2 CVEs

CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing - CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing...

9.3CVSS5.8AI score0.07053EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: spamassassin (TSSA-2022:0040)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0040 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.3CVSS6.8AI score0.07234EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 7 : spamassassin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Malicious rule configuration files can be configured to run system commands CVE-2020-1946 -...

9.8CVSS7.9AI score0.07053EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.24 views

RHEL 6 : spamassassin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Malicious rule configuration files can be configured to run system commands CVE-2020-1946 -...

7.7AI score0.07879EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/05/26 12:0 a.m.32 views

EulerOS 2.0 SP3 : spamassassin (EulerOS-SA-2022-1764)

According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be...

9.3CVSS6.7AI score0.07053EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2020:0811-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.4AI score0.07053EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2020:0810-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7AI score0.07053EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2020:0813-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7AI score0.07053EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.39 views

CentOS 8 : spamassassin (CESA-2020:4625)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:4625 advisory. - spamassassin: crafted configuration files can run system commands without any output or errors CVE-2018-11805 - spamassassin: crafted email message c...

9.3CVSS6.9AI score0.07234EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.36 views

Oracle Linux 8 : spamassassin (ELSA-2020-4625)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-4625 advisory. - Fixed CVE-2018-11805 - Fixed CVE-2020-1930 - Fixed CVE-2020-1931 - Fix CVE-2019-12420 Tenable has extracted the preceding description block directly...

9.3CVSS6.8AI score0.07234EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2020/11/10 12:0 a.m.25 views

spamassassin security update

3.4.2-10 - Fixed CVE-2018-11805 - Resolves: rhbz1787514 - Fixed CVE-2020-1930 - Resolves: rhbz1820649 - Fixed CVE-2020-1931 - Resolves: rhbz1820650 3.4.2-9 - Fix CVE-2019-12420 - Resolves: rhbz1812977 3.4.2-8 - Removed the obsolete SOUGHT channel for rule updates - Resolves: rhbz1630362...

9.3CVSS1.1AI score0.07234EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/04/06 12:0 a.m.32 views

openSUSE Security Update : spamassassin (openSUSE-2020-446)

This update for spamassassin fixes the following issues : Security issues fixed : - CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to isregexpvalid bsc1118987. - CVE-2020-1930: Fixed an issue with rule configuration .cf files which can be configured to run system...

9.3CVSS6.6AI score0.07053EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/04/05 12:0 a.m.30 views

openSUSE: Security Advisory for spamassassin (openSUSE-SU-2020:0446-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS7.7AI score0.07053EPSS
Exploits0References2
OSV
OSV
added 2020/04/04 2:19 p.m.7 views

OPENSUSE-SU-2020:0446-1 Security update for spamassassin

This update for spamassassin fixes the following issues: Security issues fixed: - CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to isregexpvalid bsc1118987. - CVE-2020-1930: Fixed an issue with rule configuration .cf files which can be configured to run system...

9.3CVSS7.3AI score0.07053EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/03/31 12:0 a.m.29 views

SUSE SLES12 Security Update : spamassassin (SUSE-SU-2020:0810-1)

This update for spamassassin fixes the following issues : CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to isregexpvalid bsc1118987. CVE-2020-1930: Fixed an issue with rule configuration .cf files which can be configured to run system commands bsc1162197...

9.3CVSS6.7AI score0.07053EPSS
Exploits0References10
OSV
OSV
added 2020/03/30 8:28 a.m.5 views

SUSE-SU-2020:0810-1 Security update for spamassassin

This update for spamassassin fixes the following issues: - CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to isregexpvalid bsc1118987. - CVE-2020-1930: Fixed an issue with rule configuration .cf files which can be configured to run system commands bsc1162197. -...

9.3CVSS7.2AI score0.07053EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2020/02/14 9:14 a.m.27 views

CVE-2020-1930

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same...

9.3CVSS2.1AI score0.07053EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/02/12 12:0 a.m.39 views

Fedora 31 : spamassassin (2020-24dac7d890)

Update to 3.4.4. Fixes CVE-2020-1930 and CVE-2020-1931. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.3CVSS6.7AI score0.07053EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/02/12 12:0 a.m.29 views

Fedora 30 : spamassassin (2020-bd20036cdc)

Update to 3.4.4. Fixes CVE-2020-1930 and CVE-2020-1931. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.3CVSS6.7AI score0.07053EPSS
Exploits0References3
Mageia
Mageia
added 2020/02/09 7:13 p.m.33 views

Updated spamassassin packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Nefarious rule configuration .cf files can be configured to run system commands with sa-compile. CVE-2020-1930 Nefarious rule configuration .cf files can be configured to run system commands with warnings. CVE-2020-1931...

9.3CVSS2.6AI score0.07053EPSS
Exploits0References5
Rows per page
Query Builder