CVE-2022-24732

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-24732

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24732.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24732

Aliases

GHSA-6cp7-g972-w9m9

Related

GHSA-6cp7-g972-w9m9

Published

2022-03-09T20:15:08Z

Modified

2025-01-15T02:17:36.577075Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are advised to upgrade. Users unable to upgrade should manually remove expired accounts via existing filtering mechanisms.

References

Affected packages

Git / github.com/foxcpp/maddy

Affected ranges

Type: GIT
Repo: https://github.com/foxcpp/maddy
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7ee6a39c6a1939b376545f030a5efd6f90913583

Fixed

7ee6a39c6a1939b376545f030a5efd6f90913583

Affected versions

v0.*

v0.1.0

v0.1.1

v0.2.0

v0.3.0

v0.4.0

v0.4.1

v0.4.2

v0.4.3

v0.4.4

v0.5.0

v0.5.1

v0.5.2

v0.5.3