CVE 2020-28023

Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.

See the CVE page on Mitre.org for more details.