CVE-2022-24732

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-24732

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24732.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24732

Aliases

GHSA-6cp7-g972-w9m9

Published

2022-03-09T19:40:08Z

Modified

2026-02-05T07:21:49.492020Z

Severity

6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator

Summary

Maddy Mail Server does not implement account expiry

Details

Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are advised to upgrade. Users unable to upgrade should manually remove expired accounts via existing filtering mechanisms.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/24xxx/CVE-2022-24732.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-324",
        "CWE-613"
    ]
}

References

Affected packages

Git / github.com/foxcpp/maddy

Affected ranges

Type: GIT
Repo: https://github.com/foxcpp/maddy
Events: Introduced

e4fb72ec69a16c1679b999206bf745912f1f9e88

Fixed

211e1a67ee9d65bea7c34346eb7affb639f9d22a

Affected versions

v0.*

v0.5.0

v0.5.1

v0.5.2

v0.5.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24732.json"