View at Official alpine advisory, NVD, CVE.org · CVE detail
Freshness: no update timestamp found; verify against the upstream OS advisory manually.
CVE-2020-35680: 1 source package rows (opensmtpd); 6 state rows across 6 repos (3.10-main, 3.11-main, 3.12-main, 3.22-community, edge-community, edge-main); fixed 2, open 4.
smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.