VDB

GCVE-110-MAGEIA-2018-425

GCVE-110-MAGEIA-2018-425
Advisory Published
Vulnetix · Advisory published October 30, 2018
Updated spamassassin package fixes security vulnerabilities: A reliance on "." in @INC in one configuration script (CVE-2016-1238). A denial of service vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts (CVE-2017-15705). A potential Remote Code Execution bug with the PDFInfo plugin (CVE-2018-11780). A local user code injection in the meta rule syntax (CVE-2018-11781).

Affected Products

VendorProductVersionsPlatforms
Mageiaspamassassin-rules0 (affected), 3.4.2-1.1.mga6 (unaffected)
Mageiaspamassassin0 (affected), 3.4.2-1.5.mga6 (unaffected)

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›