CVE-2019-20790: OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, ...

Severity: Critical

CVSS Score: 9.8

OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.