CVE-2020-35679 - log back

CVE-2020-35679 edited at 26 Dec 2020 14:25:29
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.
References
+ https://github.com/openbsd/src/commit/79a034b4aed29e965f45a13409268290c9910043
Notes
CVE-2020-35679 created at 26 Dec 2020 14:24:46