Excessive Resource Consumption Vulnerability in Apache SpamAssassin

Excessive Resource Consumption Vulnerability in Apache SpamAssassin

CVE-2019-12420 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.

Learn more about our Cis Benchmark Audit For Apache Http Server.