AVG-1731 log

Package spamassassin
Status Fixed
Severity High
Type arbitrary command execution
Affected 3.4.4-3
Fixed 3.4.5-1
Current 4.0.0-2 [extra]
Ticket None
Created Wed Mar 24 18:06:53 2021
Issue Severity Remote Type Description
CVE-2020-1946 High Yes Arbitrary command execution
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With...