CVE-2022-3559 MEDIUM

CVE-2022-3559: Exim Regex use after free

Vendor Unspecified
Product Exim
Weakness CWE-119
Published October 17, 2022
Last update November 3, 2025

CVSS base score

4.6/10
Attack vector Adjacent
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.

Key dates

02Disclosure timeline

October 17, 2022 CVE published
November 3, 2025 Record updated