{"id":"CVE-2021-20314","details":"Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.","modified":"2026-04-16T04:36:10.482452661Z","published":"2021-08-12T15:15:07.657Z","related":["openSUSE-SU-2021:1187-1","openSUSE-SU-2024:10995-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMSFT2NJDZ7PATRZSQPAOGSE7JD6ELOB/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFXJRHPE5OSCPTNA3ZZ4ORDHT4JQH3Y4/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6T4HYXXSUQCGJB2ES6X7Q74YYF7V7XU/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202401-22"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993070"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.11"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-20314.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}