CVE-2020-35679

Publication date

2020-12-24 15:53:23

Family

mitre

State

PUBLISHED

Description

smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.