CVE-2019-16378

Published: Sep 17, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/trusteddomainproject/OpenDMARC/pull/48

x_refsource_MISC

https://bugs.debian.org/940081

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2019/09/11/8

x_refsource_MISC

[oss-security] 20190917 Re: OpenDMARC signature bypass with multiple From addresses

mailing-list

x_refsource_MLIST

DSA-4526

vendor-advisory

x_refsource_DEBIAN

20190920 [SECURITY] [DSA 4526-1] opendmarc security update

mailing-list

x_refsource_BUGTRAQ

FEDORA-2019-e1f0417a24

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-24b3f84f6e

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-6a2ca74e55

vendor-advisory

x_refsource_FEDORA

USN-4567-1

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-16378

Description

Affected Products

References