AZL-6676

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6676.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-6676

Upstream

CVE-2004-2771

Published

2014-12-24T18:59:00Z

Modified

2026-04-01T05:21:03.464507Z

Summary

CVE-2004-2771 affecting package mailx for versions less than 12.5-34

Details

The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

References

https://nvd.nist.gov/vuln/detail/CVE-2004-2771

Affected packages

Azure Linux:2 / mailx

Package

Name: mailx
Purl: pkg:rpm/azure-linux/mailx

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

12.5-34

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6676.json"