Nodemailer’s addressparser is vulnerable to DoS caused by recursive calls

Summary A DoS can occur that immediately halts the system due to the use of an unsafe function. Details According to RFC 5322, nested group structures a group inside another group are not allowed. Therefore, in lib/addressparser/index.js, the email address parser performs flattening when nested...

Uncontrolled Recursion

Overview org.webjars.npm:nodemailer is an Easy as cake e-mail sending from your Node.js applications Affected versions of this package are vulnerable to Uncontrolled Recursion in the addressparser function. An attacker can cause the process to terminate immediately by sending an email address...

Uncontrolled Recursion

Overview nodemailer is an Easy as cake e-mail sending from your Node.js applications Affected versions of this package are vulnerable to Uncontrolled Recursion in the addressparser function. An attacker can cause the process to terminate immediately by sending an email address header containing...

MAL-2022-537 Malicious code in @puresec/addressparser-malicious (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f35f0d4232324d0184d75d7cfba054b0a74327c8351544f0540d29b6a894c6a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...