QwikSec

Security Database

CVE

CWE

Training

CVE-2022-3559

Published: Oct 17, 2022

Modified: Nov 3, 2025

PUBLISHED

CVSS v3.1

4.6

MEDIUM

Description

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.

Vendor	Product	Versions
unspecified	Exim	affected `n/a`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

References

https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2

https://vuldb.com/?id.211073

https://bugs.exim.org/show_bug.cgi?id=2915

FEDORA-2022-6125582f45

vendor-advisory

FEDORA-2022-ebb3db782c

vendor-advisory

FEDORA-2022-90e08c08e6

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.