Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
MITRE description: Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.