VDB
CVE-2021-20314
CVE-2021-20314
PUBLISHED
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.
EPSS 0.17% · 37.8th percentile
Risk Scores
EPSS Score
0.17%
37.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | libspf2 | 0, 1.2.10-6, 1.2.10-6build1 |
| Ubuntu:20.04:LTS | libspf2 | 0, 1.2.10-7build3, 1.2.10-7build4 |
| Ubuntu:Pro:18.04:LTS | libspf2 | 0, 1.2.10-7build2 |
Timeline
- Aug 11, 2021 CVE Published
- Aug 13, 2021 EPSS Score
- Sep 30, 2021 EPSS Score
- Oct 11, 2021 EPSS Score
- Dec 8, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 4, 2022 EPSS Score
- Jun 2, 2022 EPSS Score
- Jul 31, 2022 EPSS Score
- Nov 25, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-20314 third-party-advisory
- https://ubuntu.com/security/notices/USN-6584-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-20314 third-party-advisory