26 matches found
CVE-2026-47712
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes ...
CVE-2026-47712 Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes ...
GHSA-555P-6GRF-MH7F Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`
Impact dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes - path separators /, , parent-directory components .., and other filename-hostile characters e.g. : were preserved verbatim and...
CVE-2026-29135
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization...
CVE-2026-29144
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
CVE-2026-29141
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as signed OK...
EUVD-2026-18162
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as signed OK...
EUVD-2026-18168
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
EUVD-2026-18150
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization...
CVE-2026-29144
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
CVE-2026-29141
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as signed OK...
CVE-2026-29135
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization...
CVE-2026-29144 Unicode Subject Tags
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
CVE-2026-29144
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
CVE-2026-29144 Unicode Subject Tags
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
CVE-2026-29144
SEPPmail Secure Email Gateway vulnerability CVE-2026-29144 affects versions prior to 15.0.3. An attacker can bypass subject sanitization and forge security tags using Unicode lookalike characters. The documents do not provide exploitation details, affected product scope beyond the stated version ...
CVE-2026-29141
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as signed OK...
CVE-2026-29141 Bounded Subject Tag Sanitization
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as signed OK...
CVE-2026-29135
SEPPmail Secure Email Gateway is affected by CVE-2026-29135: versions prior to 15.0.3 allow an attacker to craft a password-tag that bypasses subject sanitization. The issue concerns the password-tag handling in the webmail/processing flow (no explicit exploit details provided in the documents). ...
CVE-2026-29135 Webmail Password Tag Sanitization Bypass
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization...