CVE-2022-48521

Published: Jul 11, 2023

Modified: Aug 3, 2024

PUBLISHED

Description

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely on Authentication-Results from OpenDKIM will treat the message as having a valid DKIM signature when in fact it has none.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/trusteddomainproject/OpenDKIM/issues/148

[debian-lts-announce] 20231203 [SECURITY] [DLA 3680-1] opendkim security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-48521

Description

Affected Products

References