PYSEC-2020-174

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/postfix-mta-sts-resolver/PYSEC-2020-174.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2020-174

Aliases

CVE-2019-16791
GHSA-h92m-42h4-82f6

Published

2020-01-22T02:15:00Z

Modified

2023-11-01T04:50:40.668294Z

Summary

[none]

Details

In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.

References

https://github.com/Snawoot/postfix-mta-sts-resolver/security/advisories/GHSA-h92m-42h4-82f6
https://gist.github.com/Snawoot/b9da85d6b26dea5460673b29df1adc6b

Affected packages

PyPI / postfix-mta-sts-resolver

Package

Name: postfix-mta-sts-resolver; View open source insights on deps.dev
Purl: pkg:pypi/postfix-mta-sts-resolver

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.5.1

Affected versions

0.*

0.1.1

0.1.2

0.1.3

0.1.4

0.1.5

0.2.0

0.2.1

0.2.2

0.2.3

0.2.4

0.2.5

0.2.7

0.2.8

0.2.9

0.3.0

0.4.0

0.4.1

0.4.2

0.4.3

0.4.4

0.4.5

0.5.0