Description
When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-4710 | When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers. |
Github GHSA |
GHSA-p7vm-phxx-g722 | Improper Input Validation in Apache Commons Email |
References
History
No history.
Status: PUBLISHED
Assigner: apache
Published:
Updated: 2024-09-16T19:05:37.866Z
Reserved: 2017-06-21T00:00:00.000Z
Link: CVE-2017-9801
No data.
Status : Modified
Published: 2017-08-07T15:29:00.517
Modified: 2026-06-17T01:28:56.987
Link: CVE-2017-9801
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-20
Improper Input Validation
EUVD
Github GHSA