CVE-2022-48521

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-48521

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48521.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-48521

Related

Published

2023-07-11T20:15:10Z

Modified

2025-01-14T11:18:31.830208Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely on Authentication-Results from OpenDKIM will treat the message as having a valid DKIM signature when in fact it has none.

References

Affected packages

Debian:11 / opendkim

Package

Name: opendkim
Purl: pkg:deb/debian/opendkim?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.11.0~beta2-4+deb11u1

Affected versions

2.*

2.11.0~beta2-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / opendkim

Package

Name: opendkim
Purl: pkg:deb/debian/opendkim?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.11.0~beta2-8+deb12u1

Affected versions

2.*

2.11.0~beta2-8

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / opendkim

Package

Name: opendkim
Purl: pkg:deb/debian/opendkim?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.11.0~beta2-9

Affected versions

2.*

2.11.0~beta2-8

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/trusteddomainproject/opendkim

Affected ranges

Type: GIT
Repo: https://github.com/trusteddomainproject/opendkim
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0fb53f84a6d17b82c8fc50c84b2a7517041250a8

Last affected

ba032e771c79ef98c86f5a55fe5453a5b700cee3

Last affected

ba29fa57b2455143dd86973c2229d6f7b8e16d9b

Last affected

cf1b96054c9d1e395417eda46b6038a1ab7a904f

Affected versions

Other

rel-opendkim-2-10-0

rel-opendkim-2-10-0-Beta0

rel-opendkim-2-10-0-Beta1

rel-opendkim-2-10-0-Beta2

rel-opendkim-2-10-1

rel-opendkim-2-10-2

rel-opendkim-2-10-3

rel-opendkim-2-11-0-Beta0

rel-opendkim-2-2-2

rel-opendkim-2-3-0

rel-opendkim-2-3-0-Beta0

rel-opendkim-2-3-0-Beta1

rel-opendkim-2-3-0-Beta2

rel-opendkim-2-3-0-Beta3

rel-opendkim-2-3-0-Beta4

rel-opendkim-2-3-0-Beta5

rel-opendkim-2-3-0-Beta6

rel-opendkim-2-3-0-Beta7

rel-opendkim-2-3-0-Beta8

rel-opendkim-2-3-0-Beta9

rel-opendkim-2-3-1

rel-opendkim-2-3-1-Beta0

rel-opendkim-2-3-1-Beta1

rel-opendkim-2-3-1-Beta2

rel-opendkim-2-3-1-Beta3

rel-opendkim-2-3-1-Beta4

rel-opendkim-2-3-1-Beta5

rel-opendkim-2-3-1-Beta6

rel-opendkim-2-3-2

rel-opendkim-2-3-2-Beta0

rel-opendkim-2-3-2-Beta1

rel-opendkim-2-3-2-Beta2

rel-opendkim-2-3-2-Beta3

rel-opendkim-2-3-2-Beta4

rel-opendkim-2-3-2-Beta5

rel-opendkim-2-4-0

rel-opendkim-2-4-0-Beta0

rel-opendkim-2-4-0-Beta1

rel-opendkim-2-4-0-Beta2

rel-opendkim-2-4-0-Beta3

rel-opendkim-2-4-0-Beta4

rel-opendkim-2-4-0-Beta5

rel-opendkim-2-4-0-Beta6

rel-opendkim-2-4-1

rel-opendkim-2-4-2

rel-opendkim-2-4-3

rel-opendkim-2-5-0

rel-opendkim-2-5-0-1

rel-opendkim-2-5-0-Beta0

rel-opendkim-2-5-0-Beta1

rel-opendkim-2-5-0-Beta10

rel-opendkim-2-5-0-Beta11

rel-opendkim-2-5-0-Beta12

rel-opendkim-2-5-0-Beta13

rel-opendkim-2-5-0-Beta14

rel-opendkim-2-5-0-Beta15

rel-opendkim-2-5-0-Beta2

rel-opendkim-2-5-0-Beta3

rel-opendkim-2-5-0-Beta4

rel-opendkim-2-5-0-Beta5

rel-opendkim-2-5-0-Beta6

rel-opendkim-2-5-0-Beta7

rel-opendkim-2-5-0-Beta8

rel-opendkim-2-5-0-Beta9

rel-opendkim-2-5-1

rel-opendkim-2-5-2

rel-opendkim-2-6-0

rel-opendkim-2-6-0-Beta0

rel-opendkim-2-6-0-Beta1

rel-opendkim-2-6-0-Beta2

rel-opendkim-2-6-0-Beta3

rel-opendkim-2-6-0-Beta4

rel-opendkim-2-6-0-Beta5

rel-opendkim-2-6-1

rel-opendkim-2-6-2

rel-opendkim-2-6-3

rel-opendkim-2-6-4

rel-opendkim-2-6-5

rel-opendkim-2-6-6

rel-opendkim-2-6-7

rel-opendkim-2-7-0

rel-opendkim-2-7-0-Beta0

rel-opendkim-2-7-0-Beta1

rel-opendkim-2-7-0-Beta2

rel-opendkim-2-7-0-Beta3

rel-opendkim-2-7-0-Beta4

rel-opendkim-2-7-0-Beta5

rel-opendkim-2-7-1

rel-opendkim-2-7-2

rel-opendkim-2-7-3

rel-opendkim-2-7-4

rel-opendkim-2-8-0

rel-opendkim-2-8-0-Beta0

rel-opendkim-2-8-0-Beta1

rel-opendkim-2-8-0-Beta2

rel-opendkim-2-8-0-Beta3

rel-opendkim-2-8-0-Beta4

rel-opendkim-2-8-0-Beta5

rel-opendkim-2-8-0-Beta6

rel-opendkim-2-8-0-Beta7

rel-opendkim-2-8-1

rel-opendkim-2-8-1-Beta0

rel-opendkim-2-8-2

rel-opendkim-2-8-3

rel-opendkim-2-8-4

rel-opendkim-2-8-4-Beta0

rel-opendkim-2-8-4-Beta1

rel-opendkim-2-8-4-Beta2

rel-opendkim-2-9-0

rel-opendkim-2-9-0-Beta0

rel-opendkim-2-9-0-Beta1

rel-opendkim-2-9-0-Beta2

rel-opendkim-2-9-1

rel-opendkim-2-9-1-Beta0

rel-opendkim-2-9-1-Beta1

rel-opendkim-2-9-1-Beta2

rel-opendkim-2-9-1-Beta3

rel-opendkim-2-9-1-Beta4

rel-opendkim-2-9-2

rel-opendkim-2-9-2-Beta0