CVE-2022-3559

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-3559

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3559.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-3559

Related

Published

2022-10-17T18:15:12Z

Modified

2024-10-29T03:50:18.494620Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.

References

Affected packages

Debian:11 / exim4

Package

Name: exim4
Purl: pkg:deb/debian/exim4?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.94.2-7+deb11u4

Affected versions

4.*

4.94.2-7

4.94.2-7+deb11u1

4.94.2-7+deb11u2

4.94.2-7+deb11u3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / exim4

Package

Name: exim4
Purl: pkg:deb/debian/exim4?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.96-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / exim4

Package

Name: exim4
Purl: pkg:deb/debian/exim4?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.96-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}