Описание
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.12.20+dfsg-1ubuntu1 |
| cosmic | not-affected | 1.12.20+dfsg-1ubuntu1 |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/bionic | not-affected | 1.12.20+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email.
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framewor ...
4.3 Medium
CVSS2
6.1 Medium
CVSS3