Lucene search
PRIOn knowledge basePRION:CVE-2015-9097HistoryJun 12, 2017 - 8:29 p.m.
Command injection
2017-06-1220:29:00
PRIOn knowledge base
www.prio-n.com
The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.
References
Related
nvd
nvd
CVE-2015-9097
2017-06-12 20:29:00
cve
cve
CVE-2015-9097
2022-10-03 16:16:02
openvas
openvas
Debian: Security Advisory (DLA-489-1)
2023-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2015-9097
2017-06-12 00:00:00
osv
osv
Mail Gem CRLF Injection vulnerability
2017-10-24 18:33:36
github
github
Mail Gem CRLF Injection vulnerability
2017-10-24 18:33:36
cvelist
cvelist
CVE-2015-9097
2022-10-03 16:16:02
debiancve
debiancve
CVE-2015-9097
2022-10-03 16:16:02
rubygems
rubygems
CVE-2015-9097 rubygem-mail: SMTP injection via recipient email addresses
2015-12-08 21:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34