CVE-2022-3559

4.6 MEDIUM
Published: October 17, 2022 Modified: November 03, 2025
View on NVD

Description

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://bugs.exim.org/show_bug.cgi?id=2915
Source: cna@vuldb.com
Patch Vendor Advisory
https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2
Source: cna@vuldb.com
Patch Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/
Source: cna@vuldb.com
Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/
Source: cna@vuldb.com
Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/
Source: cna@vuldb.com
Mailing List Third Party Advisory
https://vuldb.com/?id.211073
Source: cna@vuldb.com
Third Party Advisory
https://bugs.exim.org/show_bug.cgi?id=2915
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/10/msg00029.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
https://vuldb.com/?id.211073
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

13 reference(s) from NVD

Quick Stats

CVSS v3 Score
4.6 / 10.0
EPSS (Exploit Probability)
0.3%
57th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119 CWE-416

Affected Vendors

fedoraproject exim

Related CVEs

CVE-2025-52691 10.0
CVE-2025-15168 7.3
CVE-2025-15167 7.3
CVE-2025-15166 7.3
CVE-2025-15165 7.3