Lucene search
MitreCVELIST:CVE-2015-9097HistoryOct 03, 2022 - 4:16 p.m.
CVE-2015-9097
2022-10-0316:16:02
mitre
www.cve.org
mail gem
smtp command injection
crlf sequences
The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
References
Related
nvd
nvd
CVE-2015-9097
2017-06-12 20:29:00
cve
cve
CVE-2015-9097
2022-10-03 16:16:02
openvas
openvas
Debian: Security Advisory (DLA-489-1)
2023-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2015-9097
2017-06-12 00:00:00
osv
osv
Mail Gem CRLF Injection vulnerability
2017-10-24 18:33:36
github
github
Mail Gem CRLF Injection vulnerability
2017-10-24 18:33:36
prion
prion
Command injection
2017-06-12 20:29:00
debiancve
debiancve
CVE-2015-9097
2022-10-03 16:16:02
rubygems
rubygems
CVE-2015-9097 rubygem-mail: SMTP injection via recipient email addresses
2015-12-08 21:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34