Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-Q86F-FMQF-QRF6
HistoryOct 24, 2017 - 6:33 p.m.

Mail Gem CRLF Injection vulnerability

2017-10-2418:33:36
Google
osv.dev
4

0.002 Low

EPSS

Percentile

61.6%

JSON

The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.

CPENameOperatorVersion
maileq2.1.2
maileq2.4.0
maileq2.2.4
maileq2.2.20
maileq1.4.1
maileq1.5.4
maileq1.3.3
maileq1.3.2
maileq2.1.1
maileq1.5.3
Rows per page:
1-10 of 681

Related

nvd 1
cve 1
openvas 1
ubuntucve 1
github 1
cvelist 1
debiancve 1
prion 1
rubygems 1
rosalinux 1
nvd
nvd
CVE-2015-9097
2017-06-12 20:29:00
cve
cve
CVE-2015-9097
2022-10-03 16:16:02
openvas
openvas
Debian: Security Advisory (DLA-489-1)
2023-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2015-9097
2017-06-12 00:00:00
github
github
Mail Gem CRLF Injection vulnerability
2017-10-24 18:33:36
cvelist
cvelist
CVE-2015-9097
2022-10-03 16:16:02
debiancve
debiancve
CVE-2015-9097
2022-10-03 16:16:02
prion
prion
Command injection
2017-06-12 20:29:00
rubygems
rubygems
CVE-2015-9097 rubygem-mail: SMTP injection via recipient email addresses
2015-12-08 21:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34

0.002 Low

EPSS

Percentile

61.6%

JSON
Related for OSV:GHSA-Q86F-FMQF-QRF6
nvd1cve1openvas1ubuntucve1github1cvelist1debiancve1prion1rubygems1rosalinux1