vulnerability

Debian: CVE-2022-48521: opendkim -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	2023-07-11	2023-12-11	2025-01-28

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

2023-07-11

Added

2023-12-11

Modified

2025-01-28

Description

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely on Authentication-Results from OpenDKIM will treat the message as having a valid DKIM signature when in fact it has none.

Solution

debian-upgrade-opendkim

References

CVE-2022-48521
https://attackerkb.com/topics/CVE-2022-48521
DEBIAN-DLA-3680-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today