opendmarc

Description: Free open source software implementation of the DMARC specification
Version: 1.4.1.1-1 [community]

Open

| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2067 | 1.4.1.1-1 | | Medium | Vulnerable | |

| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-34555 | AVG-2067 | Medium | Yes | Denial of service | OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From... |

Resolved

| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1620 | 1.3.3-2 | 1.4.0-1 | Medium | Fixed | |
| AVG-1375 | 1.4.0-2 | 1.4.1.1-1 | Medium | Fixed | |
| AVG-1208 | 1.3.2-6 | 1.3.3-1 | Medium | Fixed | |

| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-12460 | AVG-1208 | Medium | Yes | Denial of service | OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap... |
| CVE-2020-12272 | AVG-1375 | Medium | Yes | Content spoofing | OpenDMARC before 1.4.1 allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message.... |
| CVE-2019-20790 | AVG-1375 | Low | Yes | Authentication bypass | OpenDMARC before 1.4.1, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is... |
| CVE-2019-16378 | AVG-1620 | Medium | Yes | Signature forgery | OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect... |

Advisories

| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 19 May 2021 | ASA-202105-13 | AVG-1375 | Medium | multiple issues |
| 01 Sep 2020 | ASA-202009-1 | AVG-1208 | Medium | denial of service |