---

CVE-2019-16378 - log back

CVE-2019-16378 edited at 21 Mar 2021 16:33:25
References	https://www.openwall.com/lists/oss-security/2019/09/11/8 + https://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2019-20970 https://github.com/trusteddomainproject/OpenDMARC/pull/48 https://github.com/trusteddomainproject/OpenDMARC/commit/bdcda9beceb38fe5dacba09fb41fb4f866249326

CVE-2019-16378 edited at 24 Feb 2021 14:58:14
References	https://www.openwall.com/lists/oss-security/2019/09/11/8 https://github.com/trusteddomainproject/OpenDMARC/pull/48 + https://github.com/trusteddomainproject/OpenDMARC/commit/bdcda9beceb38fe5dacba09fb41fb4f866249326

CVE-2019-16378 edited at 24 Feb 2021 14:55:03
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Signature forgery
Description	+ OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.
References	+ https://www.openwall.com/lists/oss-security/2019/09/11/8 + https://github.com/trusteddomainproject/OpenDMARC/pull/48

CVE-2019-16378 created at 24 Feb 2021 14:53:35
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes