OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field.
https://github.com/trusteddomainproject/OpenDMARC/pull/178
https://github.com/trusteddomainproject/OpenDMARC/issues/179