Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-2890-1:176CB
HistoryJan 20, 2022 - 11:35 p.m.

[SECURITY] [DLA 2890-1] libspf2 security update

2022-01-2023:35:22
lists.debian.org
15

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.8%

JSON

Debian LTS Advisory DLA-2890-1 [email protected]
https://www.debian.org/lts/security/ Thorsten Alteholz
January 21, 2022 https://wiki.debian.org/LTS

Package : libspf2
Version : 1.2.10-7+deb9u2
CVE ID : CVE-2021-33912 CVE-2021-33913

Two issues have been found in libspf2, a library for validating mail
senders with SPF.

Both issues are related to heap-based buffer overflows.

For Debian 9 stretch, these problems have been fixed in version
1.2.10-7+deb9u2.

We recommend that you upgrade your libspf2 packages.

For the detailed security status of libspf2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libspf2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian10mipslibspf2-dev< 1.2.10-7.1~deb10u1libspf2-dev_1.2.10-7.1~deb10u1_mips.deb
Debian9arm64libmail-spf-xs-perl< 1.2.10-7+deb9u2libmail-spf-xs-perl_1.2.10-7+deb9u2_arm64.deb
Debian10s390xlibmail-spf-xs-perl< 1.2.10-7.1~deb10u1libmail-spf-xs-perl_1.2.10-7.1~deb10u1_s390x.deb
Debian11mips64ellibspf2-2< 1.2.10-7.1~deb11u1libspf2-2_1.2.10-7.1~deb11u1_mips64el.deb
Debian9arm64spfquery< 1.2.10-7+deb9u2spfquery_1.2.10-7+deb9u2_arm64.deb
Debian9arm64libspf2-dev< 1.2.10-7+deb9u2libspf2-dev_1.2.10-7+deb9u2_arm64.deb
Debian9amd64libspf2-2-dbg< 1.2.10-7+deb9u2libspf2-2-dbg_1.2.10-7+deb9u2_amd64.deb
Debian10armelspfquery< 1.2.10-7.1~deb10u1spfquery_1.2.10-7.1~deb10u1_armel.deb
Debian9amd64libspf2-2< 1.2.10-7+deb9u2libspf2-2_1.2.10-7+deb9u2_amd64.deb
Debian10mips64ellibmail-spf-xs-perl< 1.2.10-7.1~deb10u1libmail-spf-xs-perl_1.2.10-7.1~deb10u1_mips64el.deb
Rows per page:
1-10 of 1231

Related

osv 5
nessus 4
openvas 3
gentoo 1
ubuntu 2
nvd 2
cve 2
alpinelinux 2
veracode 3
prion 2
cnvd 2
ubuntucve 2
debiancve 2
cvelist 2
osv
osv
libspf2 - security update
2022-01-21 00:00:00
libspf2 vulnerabilities
2024-02-21 10:40:23
libspf2 vulnerabilities
2024-01-15 17:17:57
nessus
nessus
Ubuntu 16.04 LTS : Libspf2 vulnerabilities (USN-6584-2)
2024-02-21 00:00:00
Debian DLA-2890-1 : libspf2 - LTS security update
2022-01-21 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Libspf2 vulnerabilities (USN-6584-1)
2024-01-15 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2890-1)
2022-01-21 00:00:00
Ubuntu: Security Advisory (USN-6584-1)
2024-01-16 00:00:00
Ubuntu: Security Advisory (USN-6584-2)
2024-02-22 00:00:00
gentoo
gentoo
libspf2: Multiple vulnerabilities
2024-01-15 00:00:00
ubuntu
ubuntu
Libspf2 vulnerabilities
2024-01-15 00:00:00
Libspf2 vulnerabilities
2024-02-21 00:00:00
nvd
nvd
CVE-2021-33912
2022-01-19 18:15:07
CVE-2021-33913
2022-01-19 18:15:07
cve
cve
CVE-2021-33912
2022-01-19 18:15:07
CVE-2021-33913
2022-01-19 18:15:07
alpinelinux
alpinelinux
CVE-2021-33913
2022-01-19 18:15:07
CVE-2021-33912
2022-01-19 18:15:07
veracode
veracode
Remote Code Execution (RCE)
2022-01-20 06:14:24
Remote Code Execution (RCE)
2022-01-20 05:38:57
Remote Code Execution (RCE)
2022-01-20 10:30:37
prion
prion
Heap overflow
2022-01-19 18:15:00
Heap overflow
2022-01-19 18:15:00
cnvd
cnvd
libspf2 buffer overflow vulnerability (CNVD-2022-19088)
2022-01-25 00:00:00
libspf2 buffer overflow vulnerability (CNVD-2022-19089)
2022-01-25 00:00:00
ubuntucve
ubuntucve
CVE-2021-33913
2022-01-19 00:00:00
CVE-2021-33912
2022-01-19 00:00:00
debiancve
debiancve
CVE-2021-33913
2022-01-19 18:15:07
CVE-2021-33912
2022-01-19 18:15:07
cvelist
cvelist
CVE-2021-33913
2022-01-19 00:00:00
CVE-2021-33912
2022-01-19 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.8%

JSON
Related for DEBIAN:DLA-2890-1:176CB
osv5nessus4openvas3gentoo1ubuntu2nvd2cve2alpinelinux2veracode3prion2cnvd2ubuntucve2debiancve2cvelist2