CVE-2022-48521

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-48521
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48521.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48521
Downstream
Published
2023-07-11T20:15:10.523Z
Modified
2026-03-14T12:00:40.826377Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely on Authentication-Results from OpenDKIM will treat the message as having a valid DKIM signature when in fact it has none.

References

Affected packages

Git / github.com/trusteddomainproject/opendkim

Affected ranges

Type
GIT
Repo
https://github.com/trusteddomainproject/opendkim
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
cf1b96054c9d1e395417eda46b6038a1ab7a904f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0fb53f84a6d17b82c8fc50c84b2a7517041250a8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ba032e771c79ef98c86f5a55fe5453a5b700cee3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ba29fa57b2455143dd86973c2229d6f7b8e16d9b
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.10.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.11.0-beta0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.11.0-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.11.0-beta2"
        }
    ]
}

Affected versions

Other
rel-opendkim-2-10-0
rel-opendkim-2-10-0-Beta0
rel-opendkim-2-10-0-Beta1
rel-opendkim-2-10-0-Beta2
rel-opendkim-2-10-1
rel-opendkim-2-10-2
rel-opendkim-2-10-3
rel-opendkim-2-2-2
rel-opendkim-2-3-0
rel-opendkim-2-3-0-Beta0
rel-opendkim-2-3-0-Beta1
rel-opendkim-2-3-0-Beta2
rel-opendkim-2-3-0-Beta3
rel-opendkim-2-3-0-Beta4
rel-opendkim-2-3-0-Beta5
rel-opendkim-2-3-0-Beta6
rel-opendkim-2-3-0-Beta7
rel-opendkim-2-3-0-Beta8
rel-opendkim-2-3-0-Beta9
rel-opendkim-2-3-1
rel-opendkim-2-3-1-Beta0
rel-opendkim-2-3-1-Beta1
rel-opendkim-2-3-1-Beta2
rel-opendkim-2-3-1-Beta3
rel-opendkim-2-3-1-Beta4
rel-opendkim-2-3-1-Beta5
rel-opendkim-2-3-1-Beta6
rel-opendkim-2-3-2
rel-opendkim-2-3-2-Beta0
rel-opendkim-2-3-2-Beta1
rel-opendkim-2-3-2-Beta2
rel-opendkim-2-3-2-Beta3
rel-opendkim-2-3-2-Beta4
rel-opendkim-2-3-2-Beta5
rel-opendkim-2-4-0
rel-opendkim-2-4-0-Beta0
rel-opendkim-2-4-0-Beta1
rel-opendkim-2-4-0-Beta2
rel-opendkim-2-4-0-Beta3
rel-opendkim-2-4-0-Beta4
rel-opendkim-2-4-0-Beta5
rel-opendkim-2-4-0-Beta6
rel-opendkim-2-4-1
rel-opendkim-2-4-2
rel-opendkim-2-4-3
rel-opendkim-2-5-0
rel-opendkim-2-5-0-1
rel-opendkim-2-5-0-Beta0
rel-opendkim-2-5-0-Beta1
rel-opendkim-2-5-0-Beta10
rel-opendkim-2-5-0-Beta11
rel-opendkim-2-5-0-Beta12
rel-opendkim-2-5-0-Beta13
rel-opendkim-2-5-0-Beta14
rel-opendkim-2-5-0-Beta15
rel-opendkim-2-5-0-Beta2
rel-opendkim-2-5-0-Beta3
rel-opendkim-2-5-0-Beta4
rel-opendkim-2-5-0-Beta5
rel-opendkim-2-5-0-Beta6
rel-opendkim-2-5-0-Beta7
rel-opendkim-2-5-0-Beta8
rel-opendkim-2-5-0-Beta9
rel-opendkim-2-5-1
rel-opendkim-2-5-2
rel-opendkim-2-6-0
rel-opendkim-2-6-0-Beta0
rel-opendkim-2-6-0-Beta1
rel-opendkim-2-6-0-Beta2
rel-opendkim-2-6-0-Beta3
rel-opendkim-2-6-0-Beta4
rel-opendkim-2-6-0-Beta5
rel-opendkim-2-6-1
rel-opendkim-2-6-2
rel-opendkim-2-6-3
rel-opendkim-2-6-4
rel-opendkim-2-6-5
rel-opendkim-2-6-6
rel-opendkim-2-6-7
rel-opendkim-2-7-0
rel-opendkim-2-7-0-Beta0
rel-opendkim-2-7-0-Beta1
rel-opendkim-2-7-0-Beta2
rel-opendkim-2-7-0-Beta3
rel-opendkim-2-7-0-Beta4
rel-opendkim-2-7-0-Beta5
rel-opendkim-2-7-1
rel-opendkim-2-7-2
rel-opendkim-2-7-3
rel-opendkim-2-7-4
rel-opendkim-2-8-0
rel-opendkim-2-8-0-Beta0
rel-opendkim-2-8-0-Beta1
rel-opendkim-2-8-0-Beta2
rel-opendkim-2-8-0-Beta3
rel-opendkim-2-8-0-Beta4
rel-opendkim-2-8-0-Beta5
rel-opendkim-2-8-0-Beta6
rel-opendkim-2-8-0-Beta7
rel-opendkim-2-8-1
rel-opendkim-2-8-1-Beta0
rel-opendkim-2-8-2
rel-opendkim-2-8-3
rel-opendkim-2-8-4
rel-opendkim-2-8-4-Beta0
rel-opendkim-2-8-4-Beta1
rel-opendkim-2-8-4-Beta2
rel-opendkim-2-9-0
rel-opendkim-2-9-0-Beta0
rel-opendkim-2-9-0-Beta1
rel-opendkim-2-9-0-Beta2
rel-opendkim-2-9-1
rel-opendkim-2-9-1-Beta0
rel-opendkim-2-9-1-Beta1
rel-opendkim-2-9-1-Beta2
rel-opendkim-2-9-1-Beta3
rel-opendkim-2-9-1-Beta4
rel-opendkim-2-9-2
rel-opendkim-2-9-2-Beta0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48521.json"