Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A mail filter to identify spam.
Version 4.0.0-2 [extra]


Group Affected Fixed Severity Status Ticket
AVG-1731 3.4.4-3 3.4.5-1 High Fixed
AVG-1077 3.4.2-5 3.4.3-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2020-1946 AVG-1731 High Yes Arbitrary command execution
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With...
CVE-2019-12420 AVG-1077 Medium Yes Denial of service
An excessive resource-consumption vulnerability where a message can be crafted in a way to use excessive resources.
CVE-2018-11805 AVG-1077 Medium Yes Arbitrary command execution
A malicious CF file is able to execute system commands without producing output/error streams.