MidnightBSD

Advisories for pypolicyd-spf_project

CVE-2019-20790 MEDIUM

OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-290,

Products Affected

Vendor Product Version
fedoraproject fedora 34
trusteddomain opendmarc *
fedoraproject fedora 33
trusteddomain opendmarc 1.4.0
pypolicyd-spf_project pypolicyd-spf 2.0.2