{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T19:58:37.869","vulnerabilities":[{"cve":{"id":"CVE-2022-24732","sourceIdentifier":"security-advisories@github.com","published":"2022-03-09T20:15:08.623","lastModified":"2024-11-21T06:50:58.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are advised to upgrade. Users unable to upgrade should manually remove expired accounts via existing filtering mechanisms."},{"lang":"es","value":"Maddy Mail Server es un servidor de correo electrónico de código abierto compatible con SMTP. Las versiones de maddy anteriores a 0.5.4, no implementan la comprobación de la caducidad de la contraseña o de la cuenta cuando es autenticado usando PAM. Es recomendado a usuarios actualizar. Los usuarios que no puedan actualizarse deberán eliminar manualmente las cuentas caducadas por medio de los mecanismos de filtrado existentes"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-324"},{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:maddy_project:maddy:*:*:*:*:*:*:*:*","versionStartIncluding":"0.5.0","versionEndExcluding":"0.5.4","matchCriteriaId":"F116C241-39C7-4E8A-8776-5961385A8E94"}]}]}],"references":[{"url":"https://github.com/foxcpp/maddy/commit/7ee6a39c6a1939b376545f030a5efd6f90913583","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/foxcpp/maddy/security/advisories/GHSA-6cp7-g972-w9m9","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/foxcpp/maddy/commit/7ee6a39c6a1939b376545f030a5efd6f90913583","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/foxcpp/maddy/security/advisories/GHSA-6cp7-g972-w9m9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}