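PostSRSd before 1.11 allows a denial of service: a subprocess can hang when Postfix sends certain long data fields, such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless." The signature entries below reference upstream commit 077be98d8c8a9847e4ae0c7dc09e7474cbe27db2 and target postsrsd.c (line hashes for the file and a function hash for main); releases 1.11 and later fall outside the affected range stated above.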
[
{
"source": "https://github.com/roehling/postsrsd/commit/077be98d8c8a9847e4ae0c7dc09e7474cbe27db2",
"target": {
"file": "postsrsd.c"
},
"id": "CVE-2021-35525-7a462af7",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"114569383962023219559100666745867562505",
"219503413355299878239505911635227857634",
"212696949781320512734217356151229946819",
"2670085903009784751101381710898196003",
"5649181508076085041746994120856640496",
"72365786694670864541593521962678602073",
"332053156429864495665554635764587086136",
"335411550119694145242976179301858929527",
"249982308931409208471461181625366571643",
"211591182885679203261428264752833138519",
"186779625746040801697711048258590035822",
"58102085347133306172592416676635128075",
"48382476309005207726184023101877677156",
"174004379907665534584885805064968521638",
"286163441142007654043373165644791020525",
"141412925990212278321444530926539231949",
"183757437535633113213291860347266403052",
"315556289331415417162079350519662090933",
"233493307986003114337809140353844631054",
"262158665803866507521764661982945869203",
"324148460677818757671075646342155855384",
"232121774091589642936304613102002015566",
"240007579326281670771227311769092659313",
"71920091971025669657444931200052501746",
"247892337485324190572739863401697719725",
"85710148368912828244976399951211664855",
"120504828612821731785187913728945457255",
"311777769607868852566443104416529350786",
"232121774091589642936304613102002015566",
"240007579326281670771227311769092659313",
"299723424414018003847413259895933290894",
"46654873682075936317606261479621294916",
"15038841786247973457778655237712338956",
"337771425144432590340199650720672487943",
"91679675537453942143943646597082712203",
"232121774091589642936304613102002015566",
"240007579326281670771227311769092659313",
"73938147732098566579455819955128188438",
"336131130495870536360217840557316223209",
"173369963563305225486767560344380161513",
"156964338338991817151131222284240497503",
"130922620574880320661270985796956350981",
"115804511836399847261547328480301228579",
"232661323117712013833390988457301033446",
"102849474277674589927284518033393733684",
"66321221316955709175540157669624165588",
"86278926276355144418361472469572074461"
]
},
"deprecated": false,
"signature_version": "v1"
},
{
"source": "https://github.com/roehling/postsrsd/commit/077be98d8c8a9847e4ae0c7dc09e7474cbe27db2",
"target": {
"function": "main",
"file": "postsrsd.c"
},
"id": "CVE-2021-35525-ea87965d",
"signature_type": "Function",
"digest": {
"function_hash": "213462266672670075161301342346165526897",
"length": 8384.0
},
"deprecated": false,
"signature_version": "v1"
}
]