MidnightBSD

Advisories for libspf2

CVE-2021-20314 HIGH

Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
fedoraproject fedora 35
fedoraproject fedora 34
redhat enterprise_linux 7.0
fedoraproject fedora 33
libspf2 libspf2 *