OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field.
References
Link | Resource |
---|---|
https://github.com/trusteddomainproject/OpenDMARC/issues/179 | Exploit Issue Tracking Patch Third Party Advisory |
https://github.com/trusteddomainproject/OpenDMARC/pull/178 | Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZHZD4WZDYRBB2XVW2EQ4DQ2KYMAGPUO/ | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MAT4ZSWPQ5SUTMYCXRXI5SMTWL4AG7E/ | Mailing List Third Party Advisory |
Information
Published : 2021-06-10 08:15
Updated : 2021-09-20 06:50
NVD link : CVE-2021-34555
Mitre link : CVE-2021-34555
JSON object : View
CWE
CWE-476
NULL Pointer Dereference
Products Affected
fedoraproject
- fedora
trusteddomain
- opendmarc