Описание
A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
Ссылки
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Product
- Patch
- ExploitVendor Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.0.11 (исключая)
cpe:2.3:a:nodemailer:nodemailer:*:*:*:*:*:node.js:*:*
Конфигурация 2
Одно из
cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:developer_hub:-:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00083
Низкий
7.5 High
CVSS3
Дефекты
CWE-703
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 2 месяцев назад
A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
CVSS3: 7.5
debian
около 2 месяцев назад
A flaw was found in Nodemailer. This vulnerability allows a denial of ...
CVSS3: 5.3
github
около 2 месяцев назад
Nodemailer is vulnerable to DoS through Uncontrolled Recursion
EPSS
Процентиль: 24%
0.00083
Низкий
7.5 High
CVSS3
Дефекты
CWE-703