Lucene search
K

EUVD-2025-22141

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType 
euvd
 euvd
🔗 euvd.enisa.europa.eu👁 3 Views

SMTP Injection vulnerability exists in Jakarta Mail 2.2 using specific UTF-8 characters.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by SMTP injection due to Jakarta Mail
7 Nov 202511:01
ibm
IBM Security Bulletins
Security Bulletin: IBM SPSS Analytic Server is affected by SMTP injection due to Jakarta Mail in IBM WebSphere Application Server Liberty (CVE-2025-7962)
7 Jan 202604:07
ibm
IBM Security Bulletins
Security Bulletin: A vulnerability in WebSphere Application Server Liberty affects IBM Enterprise Application Service for Java (CVE-2025-7962)
17 Dec 202514:30
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by an SMTP injection vulnerability due to Jakarta Mail (CVE-2025-7962)
17 Nov 202515:12
ibm
IBM Security Bulletins
Security Bulletin: IBM Engineering Test Management is affected by IBM WebSphere Application Server and Liberty are affected by SMTP injection(CVE-2025-7962)
25 Mar 202612:17
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with WebSphere Remote Server, are affected by SMTP injection due to Jakarta Mail
27 Nov 202501:32
ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server and Websphere Application Server Liberty shipped with IBM Guardium Key Lifecycle Manager (GKLM)
14 Nov 202506:20
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by an SMTP injection vulnerability due to Jakarta Mail (CVE-2025-7962)
17 Nov 202515:14
ibm
IBM Security Bulletins
Security Bulletin: Due to the use of IBM WebSphere Application Server, IBM Tivoli Network Manager (ITNM) IP Edition is affected by an SMTP injection vulnerability caused by Jakarta Mail(CVE-2025-7962)
18 Dec 202502:12
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by SMTP injection due to Jakarta Mail (CVE-2025-7962)
2 Dec 202519:10
ibm
Rows per page
[
  {
    "enisaIdVendor": [
      {
        "id": "e3b4d97d-84ad-3fdf-8831-86da22613e97",
        "vendor": {
          "name": "Eclipse Foundation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "5e770bac-6035-302a-93b4-1cacf24c4f51",
        "product": {
          "name": "Jakarta Mail"
        },
        "product_version": ""
      },
      {
        "id": "92600342-4c51-3540-b4a2-9fd7db3316c5",
        "product": {
          "name": "Jakarta Mail"
        },
        "product_version": "2.2"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Oct 2025 20:07Current
6.2Medium risk
Vulners AI Score6.2
CVSS 46
CVSS 3.17.5
EPSS0.00756
SSVC
3