EPSS
Percentile
89.9%
libspf2 is vulnerable to remote code execution. The vulnerability exists in SPF_record_expand_data in spf_expand.c, allowing an attacker to send a malicious SPF DNS record to cause overflow data.
SPF_record_expand_data in spf_expand.c
github.com/shevek/libspf2/tree/8131fe140704eaae695e76b5cd09e39bd1dd220b
lists.debian.org/debian-lts-announce/2022/01/msg00015.html
nathanielbennett.com/blog/libspf2-cve-jan-2022-disclosure