Description
Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-w5m8-5v9m-xhx5 | Critical severity vulnerability that affects Haraka |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T03:55:27.579Z
Reserved: 2019-02-04T00:00:00.000Z
Link: CVE-2016-1000282
No data.
Status : Modified
Published: 2019-02-05T17:29:00.233
Modified: 2026-06-17T00:38:50.723
Link: CVE-2016-1000282
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Github GHSA