exim4 is vulnerable to use-after-free. The vulnerability exists in the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler which allows an attacker to cause an application crash.
git.exim.org/exim.git/commit/12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM/
lists.fedoraproject.org/archives/list/[email protected]/message/667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU/
lists.fedoraproject.org/archives/list/[email protected]/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/
lists.fedoraproject.org/archives/list/[email protected]/message/XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM/
security-tracker.debian.org/tracker/CVE-2022-3620
vuldb.com/?id.211919