For the vulnerabilites reported by Qualys in October 2020 please see the Exim Website: https://exim.org/static/doc/security/CVE-2020-qualys/