Exim has released patches to address vulnerabilities affecting Exim 4.92.1 and prior versions. A remote attacker could exploit this vulnerability to take control of an affected email server.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Exim CVE-2019-15846 page and upgrade to Exim 4.92.2 or apply the necessary patches. CISA also encourages users and administrators to review the CERT Coordination Center's Vulnerability Note VU#672565 for more information.
This product is provided subject to this Notification and this Privacy & Use policy.