Lucene search
Veracode Vulnerability DatabaseVERACODE:26305HistoryAug 11, 2020 - 3:23 a.m.
Arbitrary Command Execution
2020-08-1103:23:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
spamassassin
arbitrary command execution
configuration files
cve-2018-11805
system commands
EPSS
0.009
Percentile
82.4%
spamassassin is vulnerable to command execution. The vulnerability exists as crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805.
Related
alpinelinux
alpinelinux
osv
osv
CVE-2020-1931
2020-01-30 18:15:11
CVE-2018-11805
2019-12-12 23:15:11
spamassassin - security update
2019-12-14 00:00:00
prion
prion
Command injection
2020-01-30 18:15:00
Design/Logic Flaw
2019-12-12 23:15:00
Command injection
2020-01-30 18:15:00
cvelist
cvelist
nvd
nvd
redhatcve
redhatcve
debiancve
debiancve
ubuntucve
ubuntucve
nessus
nessus
SUSE SLED15 / SLES15 Security Update : spamassassin (SUSE-SU-2020:0811-1)
2020-03-31 00:00:00
SUSE SLES12 Security Update : spamassassin (SUSE-SU-2020:0810-1)
2020-03-31 00:00:00
cve
cve
openvas
openvas
openSUSE: Security Advisory for spamassassin (openSUSE-SU-2020:0446-1)
2020-04-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0813-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0810-1)
2021-04-19 00:00:00
suse
suse
Security update for spamassassin (important)
2020-04-04 00:00:00
almalinux
almalinux
Moderate: spamassassin security update
2020-11-03 12:21:29
redhat
redhat
(RHSA-2020:4625) Moderate: spamassassin security update
2020-11-03 12:21:29
oraclelinux
oraclelinux
spamassassin security update
2020-11-10 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-11-05 03:19:23
rosalinux
rosalinux
Advisory ROSA-SA-2021-1973
2021-07-02 18:08:24
freebsd
freebsd
spamassassin -- Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings
2020-01-30 00:00:00
spamassassin -- multiple vulnerabilities
2019-12-11 00:00:00
spamassassin -- Nefarious rule configuration files can run system commands
2020-01-28 00:00:00
amazon
amazon
Medium: spamassassin
2020-02-04 22:46:00
debian
debian
[SECURITY] [DLA 2062-1] sa-exim security update
2020-01-09 17:00:46
[SECURITY] [DLA 2037-1] spamassassin security update
2019-12-16 13:12:53
[SECURITY] [DSA 4584-1] spamassassin security update
2019-12-14 15:20:46
mageia
mageia
Updated spamassassin packages fix security vulnerabilities
2019-12-24 15:24:34
Updated spamassassin packages fix security vulnerabilities
2020-02-09 22:13:40
ubuntu
ubuntu
SpamAssassin vulnerabilities
2020-01-13 00:00:00
SpamAssassin vulnerabilities
2020-01-15 00:00:00
SpamAssassin vulnerabilities
2020-02-04 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: spamassassin-3.4.4-1.fc30
2020-02-12 01:41:33
[SECURITY] Fedora 31 Update: spamassassin-3.4.4-1.fc31
2020-02-12 02:15:41