Does cPanel have a patch for Exim that addresses CVE-2022-37451?

Question

Does cPanel have a patch for Exim that addresses CVE-2022-37451?

Answer

The patch for CVE-2022-37451 has been released in cpanel-exim-4.95-6. cPanel versions 102.0.23, 104.0.11, and 106.0.8 use the patched version of Exim. cPanel version 108 uses cpanel-exim-4.96-5, which is not affected by the vulnerability reported in CVE-2022-37451.

To verify if your server is running an affected version of Exim, run the following command.

rpm -q cpanel-exim

If your server is running cpanel-exim-4.95-6 or later, Exim is unaffected by the vulnerability and no action is required. If your server is running a version older than cpanel-exim-4.95-6, update cPanel to the latest version.

/scripts/upcp