VDB

ALPINE-CVE-2018-11780

ALPINE-CVE-2018-11780 PUBLISHED CVSS 9.800000190734863 CRITICAL

A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.

Risk Scores

CVSS 3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.13spamassassin0, 0, 0
Alpine:v3.21spamassassin3.4.1-r0, 0, 3.4.1-r8
Alpine:v3.12spamassassin0, 0, 0
Alpine:v3.8spamassassin0, 0, 0
Alpine:v3.23spamassassin0, 3.4.1-r7, 3.4.1-r6
Alpine:v3.24spamassassin0, 0
Alpine:v3.19spamassassin3.2.5-r1, 0, 3.2.5-r0
Alpine:v3.14spamassassin0, 0, 0
Alpine:v3.22spamassassin0, 3.4.1-r7, 3.4.1-r6
Alpine:v3.16spamassassin3.2.5-r1, 3.2.5-r0, 3.3.0-r1
Alpine:v3.15spamassassin0, 3.2.5-r0, 3.2.5-r1
Alpine:v3.11spamassassin3.4.1-r6, 3.2.5-r0, 3.2.5-r1
Alpine:v3.17spamassassin0, 3.2.5-r0, 3.2.5-r1
Alpine:v3.9spamassassin3.2.5-r0, 0, 3.4.1-r8
Alpine:v3.10spamassassin3.2.5-r0, 3.2.5-r1, 3.3.1-r0
Alpine:v3.18spamassassin3.3.1-r2, 0, 3.2.5-r1
Alpine:v3.20spamassassin0, 3.2.5-r0, 3.2.5-r1

Timeline

  • Sep 17, 2018 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 9, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›