CVE-2020-7769

Опубликовано: 12 нояб. 2020

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 8.6

Описание

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails.

Релиз	Статус	Примечание
bionic	DNE
devel	not-affected	6.4.16-1
esm-apps/focal	needed
esm-apps/jammy	not-affected	6.4.16-1
esm-apps/noble	not-affected	6.4.16-1
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
groovy	ignored	end of life
hirsute	not-affected	6.4.16-1
impish	not-affected	6.4.16-1

Показывать по

Ссылки на источники

7.5 High

CVSS2

8.6 High

CVSS3

Связанные уязвимости

CVE-2020-7769

CVSS3: 8.6

nvd

около 5 лет назад

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails.

CVE-2020-7769

CVSS3: 8.6

debian

около 5 лет назад

This affects the package nodemailer before 6.4.16. Use of crafted reci ...

GHSA-48ww-j4fc-435p

CVSS3: 9.8

github

больше 4 лет назад

Command injection in nodemailer

7.5 High

CVSS2

8.6 High

CVSS3

CVE-2020-7769

Описание

Пакет node-nodemailer

Ссылки на источники

Связанные уязвимости