VDB
GCVE-110-MAGEIA-2021-182
GCVE-110-MAGEIA-2021-182
Advisory Published
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files
can be configured to run system commands without any output or errors. With
this, exploits can be injected in a number of scenarios. In addition to upgrading
to SA version 3.4.5, users should only use update channels or 3rd party .cf
files from trusted places. (CVE-2020-1946)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | spamassassin | 3.4.5-1.mga8 (unaffected), 0 (affected), 0 (affected), 3.4.5-1.mga8 (unaffected) | — |
| Mageia | spamassassin | 0 (affected), 3.4.5-1.mga7 (unaffected), 0 (affected), 3.4.5-1.mga7 (unaffected) | — |
| Mageia | spamassassin-rules | 0 (affected), 3.4.5-1.mga8 (unaffected), 3.4.5-1.mga8 (unaffected), 0 (affected) | — |
| Mageia | ds9 | 0 (affected), 8.2.1-2.mga8 (unaffected) | — |
| Mageia | spamassassin-rules | 0 (affected), 3.4.5-1.mga7 (unaffected), 3.4.5-1.mga7 (unaffected), 0 (affected) | — |
Browse GCVE Records
72,096 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.