CVE-2022-37452

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
07/08/2022
Last modified:
28/10/2022

Description

Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:* 4.95 (excluding)
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*