Question
Does cPanel have a patch for Exim that addresses CVE-2022-37451?
Answer
The patch for CVE-2022-37451 has been released in cpanel-exim-4.95-6. cPanel versions 102.0.23, 104.0.11, and 106.0.8 use the patched version of Exim. cPanel version 108 uses cpanel-exim-4.96-5, which is not affected by the vulnerability reported in CVE-2022-37451.
To verify if your server is running an affected version of Exim, run the following command.
rpm -q cpanel-exim
If your server is running cpanel-exim-4.95-6 or later, Exim is unaffected by the vulnerability and no action is required. If your server is running a version older than cpanel-exim-4.95-6, update cPanel to the latest version.
/scripts/upcp