8 matches found
Security Bulletin: Apache Commons Email as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2017-9801, CVE-2018-1294)
Summary Apache Commons Email as used by IBM QRadar SIEM is vulnerable to information disclosure. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-9801 DESCRIPTION: Apache Commons Email could allow a remote attacker to inject header data, caused by an error i...
at.researchstudio.sat:won-owner-webapp (=0.3), at.researchstudio.sat:won-utils-mail (>=0.2 <=0.9) +1394 more potentially affected by CVE-2018-1294 via org.apache.commons:commons-email (>=1.1 <=1.4)
org.apache.commons:commons-email MAVEN version =1.1, =0.2, =1.0.0, =1.2.8, =1.0.2, =1.2, =1.0.0, =1.0.1, =0.0.1, =2.23.0, =1.1, =1.4 and more Source cves: CVE-2018-1294 Source advisory: OSV:GHSA-V7CM-W955-PJ6G...
Mageia: Security Advisory (MGASA-2018-0136)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-1294
If a user of Apache Commons Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients, contents, etc. might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You...
CVE-2018-1294
If a user of Apache Commons Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients, contents, etc. might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You...
Updated apache-commons-email packages fix security vulnerability
Apache Commons-Email, from version 1.0 to 1.4 inclusive, does not properly validate bounce addresses. If a user of Commons-Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients,...
Fedora 26 : apache-commons-email (2018-48d385a6fd)
Security fix for CVE-2018-1294 updated to 1.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
openSUSE Security Update : apache-commons-email (openSUSE-2018-134)
This update for apache-commons-email fixes one issues. This security issue was fixed : - CVE-2018-1294: Added validation to prevent information disclosure via unchecked bounce addresses boo1077893. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...