EPSS
Percentile
82.4%
spamassassin is vulnerable to command execution. The vulnerability exists as crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805.
bz.apache.org/SpamAssassin/show_bug.cgi?id=7784
seclists.org/bugtraq/2020/Feb/1
usn.ubuntu.com/4265-1/
usn.ubuntu.com/4265-2/
www.debian.org/security/2020/dsa-4615