2 matches found
PT-2026-44137
Name of the Vulnerable Software and Affected Versions Symfony Mailer affected versions not specified Description When using SendmailTransport in -t mode, recipient addresses are appended to the sendmail command line without a -- end-of-options separator. Because SymfonyComponentMimeAddress accept...
Arbitrary Argument Injection
Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection via recipient handling in SendmailTransport when using sendmail -t mode. An attacker can inject arbitrary sendmail command-line options by supplying a recipient address beginning with -, as recipient address...