Libspf2 Security Vulnerabilities and Issues — Libspf2 CVE List

Lucene search

Libspf2 ProjectLibspf2

3 matches found

CVE•added 2024/05/03 3:15 a.m.•2433 views

CVE-2023-42118

Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of ...

8.8CVSS8AI score0.02242EPSS

CVE•added 2022/01/19 6:15 p.m.•95 views

CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of SPF_record_expand_data in spf_expand.c. The amount of overflowed data de...

9.8CVSS9.7AI score0.0135EPSS

CVE•added 2022/01/19 6:15 p.m.•88 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expan...

9.8CVSS9.7AI score0.0135EPSS