Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/07/26 2:17 p.m.25 views

Security Bulletin: Apache Commons Email as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2017-9801, CVE-2018-1294)

Summary Apache Commons Email as used by IBM QRadar SIEM is vulnerable to information disclosure. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-9801 DESCRIPTION: Apache Commons Email could allow a remote attacker to inject header data, caused by an error i...

7.5CVSS7.3AI score0.06036EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/14 1:28 a.m.5 views

at.researchstudio.sat:won-owner-webapp (=0.3), at.researchstudio.sat:won-utils-mail (>=0.2 <=0.9) +1394 more potentially affected by CVE-2018-1294 via org.apache.commons:commons-email (>=1.1 <=1.4)

org.apache.commons:commons-email MAVEN version =1.1, =0.2, =1.0.0, =1.2.8, =1.0.2, =1.2, =1.0.0, =1.0.1, =0.0.1, =2.23.0, =1.1, =1.4 and more Source cves: CVE-2018-1294 Source advisory: OSV:GHSA-V7CM-W955-PJ6G...

7.5CVSS7AI score0.02863EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2018-0136)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.02863EPSS
Exploits0References4
NVD
NVD
added 2018/03/20 5:29 p.m.21 views

CVE-2018-1294

If a user of Apache Commons Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients, contents, etc. might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You...

7.5CVSS7.4AI score0.02863EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/03/20 5:29 p.m.34 views

CVE-2018-1294

If a user of Apache Commons Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients, contents, etc. might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You...

7.5CVSS7AI score0.02863EPSS
Exploits0References2
Mageia
Mageia
added 2018/02/24 11:25 p.m.41 views

Updated apache-commons-email packages fix security vulnerability

Apache Commons-Email, from version 1.0 to 1.4 inclusive, does not properly validate bounce addresses. If a user of Commons-Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients,...

7.5CVSS2.4AI score0.02863EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/02/15 12:0 a.m.27 views

Fedora 26 : apache-commons-email (2018-48d385a6fd)

Security fix for CVE-2018-1294 updated to 1.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.5CVSS7.2AI score0.02863EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/02/06 12:0 a.m.26 views

openSUSE Security Update : apache-commons-email (openSUSE-2018-134)

This update for apache-commons-email fixes one issues. This security issue was fixed : - CVE-2018-1294: Added validation to prevent information disclosure via unchecked bounce addresses boo1077893. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

7.5CVSS7.2AI score0.02863EPSS
Exploits0References2
Rows per page
Query Builder