Published: 13/02/2020 Updated: 18/02/2020

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git repository. All Docker images published on docker.io/mailu for tags 1.5, 1.6, 1.7 and master are patched. For detailed instructions about patching and securing the server afterwards, see github.com/Mailu/Mailu/issues/1354

Vulnerable Product	Search on Vulmon	Subscribe to Product
mailu mailu

Replication package of the paper "Automated Unearthing of Dangerous Issue Reports" in ESEC/FSE 2022

MemVul Project Description This replication package contains the dataset and code for our FSE 2022 paper Automated Unearthing of Dangerous Issue Reports We are the first to introduce the task of dangerous IR (ie, IR that leaks the vulnerability information) identification We aim to help software vendors start the vulnerability remediation process earlier, as well as helping

NVD-CWE-noinfo https://github.com/Mailu/Mailu/issues/1354 https://github.com/Mailu/Mailu/security/advisories/GHSA-2467-p5gv-58q6 https://nvd.nist.gov https://github.com/panshengyi/MemVul

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-5239

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect