{"id":"CVE-2020-28020","details":"Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.","modified":"2026-05-15T09:15:37.050455Z","published":"2021-05-06T13:15:09.613Z","related":["openSUSE-SU-2021:0677-1","openSUSE-SU-2021:0753-1","openSUSE-SU-2021:0754-1","openSUSE-SU-2024:10746-1"],"references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/07/25/1"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/08/03/1"},{"type":"FIX","url":"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28020-HSIZE.txt"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/exim/exim","events":[{"introduced":"0"},{"fixed":"ae63862ba6f6ee0c17ec865cc6cf0eebb3ca2389"}],"database_specific":{"extracted_events":[{"introduced":"4.00"},{"fixed":"4.92"}],"cpe":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["exim-4.92-RC5","exim-4.92-RC4","exim-4.92-RC3","exim-4.92-RC2","exim-4.92-RC1","exim-4_91","exim-4_91_RC4","exim-4_91_RC3","exim-4_91_RC2","exim-4_91_RC1","exim-4_90_RC4","exim-4_90","exim-4_90_RC3","exim-4_90_RC2","exim-4_90_RC1","exim-4.90devstart","exim-4_89_RC3","exim-4_89_RC1","exim-4_88","exim-4_87","exim-4_88_RC6","exim-4_88_RC5","exim-4_88_RC4","exim-4_88_RC3","exim-4_88_RC2","exim-4_88_RC1","exim-4_87_RC7","exim-4_87_RC6","exim-4_87_RC5","exim-4_87_RC4","exim-4_84","exim-4_86","exim-4_85","exim-4_87_RC3","exim-4_87_RC2","exim-4_87_RC1","exim-4_86_RC5","exim-4_86_RC4","exim-4_86_RC3","exim-4_86_RC2","exim-4_86_RC1","exim-4_85_RC4","exim-4_85_RC3","exim-4_85_RC2","exim-4_85_RC1","exim-4_84_RC2","exim-4_84_RC1","exim-4_83","exim-4_83_RC3","exim-4_83_RC2","exim-4_83_RC1","exim-4_82","exim-4_82_RC5","exim-4_82_RC4","exim-4_82_RC3","exim-4_82_RC2","exim-4_82_RC1","exim-4_80","exim-4_80_RC7","exim-4_80_RC6","exim-4_80_RC5","exim-4_80_RC4","exim-4_80_RC3","exim-4_80_RC2","exim-4_80_RC1","exim-4_77","exim-4_77_RC4","exim-4_77_RC3","exim-4_77_RC2","exim-4_77_RC1","exim-4_76","exim-4_76_RC2","exim-4_76_RC1","exim-4_75","exim-4_75_RC3","exim-4_75_RC2","exim-4_75_RC1","exim-4_74","exim-4_74_RC1","exim-4_73","exim-4_73_RC1","exim-4_73_RC00","exim-4_72","exim-4_72_RC2","exim-4_72_RC1","exim-4_71","exim-4_70","exim-4_70_RC4","exim-4_70_RC3","DEVEL_PDKIM_START","exim-4_69","exim-4_68","exim-4_67","exim-4_66","exim-4_65","exim-4_64","exim-4_63","exim-4_62","exim-4_61","exim-4_54","exim-4_53","exim-4_52","exim-4_51","exim-4_50"],"database_specific":{"vanir_signatures":[{"id":"CVE-2020-28020-1522f0d7","digest":{"line_hashes":["141166236224459274535551626864839869666","174352176653700224194965995710414839471","253039306938586898545558896654873110353","195708166821209130084578053240344760208"],"threshold":0.9},"deprecated":false,"target":{"file":"src/src/smtp_in.c"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/exim/exim/commit/ae63862ba6f6ee0c17ec865cc6cf0eebb3ca2389"},{"id":"CVE-2020-28020-32bbe9ef","digest":{"length":2856,"function_hash":"24326669637228286557130795243383876882"},"deprecated":false,"target":{"function":"smtp_reset","file":"src/src/smtp_in.c"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/exim/exim/commit/ae63862ba6f6ee0c17ec865cc6cf0eebb3ca2389"}],"vanir_signatures_modified":"2026-05-15T09:15:37Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28020.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}