Back to search
CVE-2019-12420
Published: Dec 12, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.
| Vendor | Product | Versions |
|---|---|---|
Apache | Apache SpamAssassin | affected Apache SpamAssassin prior to 3.4.3 |
References
[spamassassin-announce] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420
mailing-list
x_refsource_MLIST
[spamassassin-dev] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420
mailing-list
x_refsource_MLIST
[spamassassin-users] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420
mailing-list
x_refsource_MLIST
[oss-security] 20191212 Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420
mailing-list
x_refsource_MLIST
[announce] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420
mailing-list
x_refsource_MLIST
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7747
x_refsource_MISC
DSA-4584
vendor-advisory
x_refsource_DEBIAN
20191216 [SECURITY] [DSA 4584-1] spamassassin security update
mailing-list
x_refsource_BUGTRAQ
[debian-lts-announce] 20191216 [SECURITY] [DLA 2037-1] spamassassin security update
mailing-list
x_refsource_MLIST
USN-4237-1
vendor-advisory
x_refsource_UBUNTU
USN-4237-2
vendor-advisory
x_refsource_UBUNTU
[spamassassin-users] 20200130 Re: ANNOUNCE: Apache SpamAssassin 3.4.4 available
mailing-list
x_refsource_MLIST
[spamassassin-users] 20200131 Re: ANNOUNCE: Apache SpamAssassin 3.4.4 available
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now