CVE-2020-12272 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Content spoofing |
Description | OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1375 | opendmarc | 1.3.3-2 | Medium | Vulnerable |
References |
---|
https://sourceforge.net/p/opendmarc/tickets/237/ https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf |