Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Exim vulnerabilities (USN-8228-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8228-1 advisory. It was discovered that Exim incorrectly handled parsing malformed JSON in message headers. A remote attacker could possib...

GHSA-2VQ7-8VVF-W66V vulnerabilities

Vulnerabilities for packages: exim...

GHSA-H5J4-2Q8W-Q3Q4 vulnerabilities

Vulnerabilities for packages: exim...

EUVD-2021-13981

Malware in sbrugna...

exim-4.98.2-1.1 on GA media (moderate)

exim-4.98.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:14935-1 Rating: moderate Cross-References: CVE-2025-26794 CVE-2025-30232 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...

PT-2024-4731

Name of the Vulnerable Software and Affected Versions: Exim versions prior to 4.98 Exim versions 4.97.1 and earlier Exim versions 4.93-13ubuntu1.12 and earlier Exim versions 4.94.2-7+deb11u3 and earlier Exim versions 4.96-15+deb12u5 and earlier Description: Exim is vulnerable to a parsing error i...

CVE-2023-42117 vulnerabilities

Vulnerabilities for packages: libspf2, exim...

ROS-2-2107

2.2107 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

Security update for exim (important)

openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2024:0007-1 Rating: important References: 1218387 Cross-References: CVE-2022-3559 CVE-2023-42114 CVE-2023-42115 CVE-2023-42116 CVE-2023-42117 CVE-2023-42119 CVE-2023-51766 CVSS scores: CVE-2022-3559 NVD : 7.5...

OPENSUSE-SU-2023:0303-1 Security update for exim

This update for exim fixes the following issues: - CVE-2023-42117: Fixes Improper Neutralization of Special Elements Remote Code Execution Vulnerability boo1215787 - CVE-2023-42119: Fixes dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability boo1215789...

Security update for exim (critical)

openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2023:0304-1 Rating: critical References: 1215787 1215789 Cross-References: CVE-2023-42117 CVE-2023-42119 Affected Products: openSUSE Backports SLE-15-SP4 An update that fixes two vulnerabilities is now available...

A week in security (October 2 - October 8)

Last week on Malwarebytes Labs: Multi-factor authentication has proven it works, so what are we waiting for? Amazon Prime email scammer snatches defeat from the jaws of victory 2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions...

OPENSUSE-SU-2023:0293-1 Security update for exim

This update for exim fixes the following issues: CVE-2023-42114: NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability boo1215784 CVE-2023-42115: AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability boo1215785 CVE-2023-42116: SMTP Challenge Stack-based Buffer Overflow...

Security update for exim (critical)

openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2023:0293-1 Rating: critical References: 1215784 1215785 1215786 Cross-References: CVE-2023-42114 CVE-2023-42115 CVE-2023-42116 Affected Products: openSUSE Backports SLE-15-SP4 openSUSE Backports SLE-15-SP5 An update...

ROS-2-1633

2.1633 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-1729

2.1729 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-2140

2.2140 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-2152

2.2152 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 Vulnerability in the Exim message forwarding agent, related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-2048

2.2048 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

ROS-2-1572

2.1572 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...