AVG-1375 log

Package opendmarc
Status Fixed
Severity Medium
Type multiple issues
Affected 1.4.0-2
Fixed 1.4.1.1-1
Current 1.4.1.1-1 [community]
Ticket None
Created Mon Dec 21 13:00:43 2020
Issue Severity Remote Type Description
CVE-2020-12272 Medium Yes Content spoofing
OpenDMARC before 1.4.1 allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message....
CVE-2019-20790 Low Yes Authentication bypass
OpenDMARC before 1.4.1, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is...
Date Advisory Package Type
19 May 2021 ASA-202105-13 opendmarc multiple issues