2 matches found
async-notify (>=0.5.17 <=0.6.3), async-sender (>=1.3.0 <=1.4.4) +11 more potentially affected by unknown CVE via aiosmtplib (>=1.0.3 <=1.1.6)
aiosmtplib PYPI version =1.0.3, =0.5.17, =1.3.0, =0.0.3, =0.39.0, =0.2.3, =0.0.1, =0.1.1, =1.0.4, =2024.10.27.post1, =0.9.0, =0.8.4, =0.1.0a0, =0.1.6a0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-AIOSMTPLIB-3042406...
SMTP Injection
Overview aiosmtplib is an aiosmtplib is an asynchronous SMTP client for use with asyncio. Affected versions of this package are vulnerable to SMTP Injection. It is possible to insert an arbitrary SMTP command through the hostname or the sourceaddress field. PoC python import asyncio from...