Skip to main content

Commons Email

2 CVEs product

Monthly

CVE-2018-1294 Maven HIGH PATCH This Week

If a user of Apache Commons Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Commons Email
NVD
CVSS 3.0
7.5
EPSS
2.9%
CVE-2017-9801 Maven HIGH PATCH This Week

When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Commons Email
NVD
CVSS 3.0
7.5
EPSS
1.3%
EPSS 3% CVSS 7.5
HIGH PATCH This Week

If a user of Apache Commons Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Commons Email
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Commons Email
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy