Exim Multiple Vulnerabilities

Multiple vulnerabilities were identified in Exim. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and sensitive information disclosure on the targeted system.


[Updated on 2023-10-03] 

For CVE-2023-42117, CVE-2023-42118, and CVE-2023-42119, fix is not yet available.


Exim has released the mitigation for these vulnerabilities.

CVE-2023-42117: Do not use Exim behind an untrusted proxy-protocol proxy.

CVE-2023-42118: Do not use the ‘spf’ condition in your ACL.

CVE-2023-42119: Use a trustworthy DNS resolver which is able to validate the data according to the DNS record types.

RISK: High Risk

TYPE: Security software and application – Security Software & Appliance

TYPE: Security Software & Appliance

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

 To keep up to date follow us on the below channels.