Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Nodemailer Security Vulnerabilities

cve
cve

CVE-2021-23400

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address...

8.8CVSS

8.8AI Score

0.012EPSS

2021-06-29 12:15 PM
29
2
cve
cve

CVE-2020-7769

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending...

9.8CVSS

9.6AI Score

0.025EPSS

2020-11-12 09:15 AM
47
cve
cve

CVE-2017-16071

nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by...

7.5CVSS

7.4AI Score

0.002EPSS

2018-06-07 02:29 AM
33