Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/10/17 1:2 a.m.38 views

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise and IBM Integration Bus (CVE-2020-7769)

Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID:CVE-2020-7769 DESCRIPTION: Nodejs could allow a remote attacker to execute arbitrary...

9.8CVSS10AI score0.0232EPSS
Exploits2
Node.js
Node.js
added 2021/05/10 7:18 p.m.96 views

Command Injection

Overview nodemailer before version 6.4.16 is vulnerable to command injection. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails. Recommendation Upgrade to version 6.4.16 or later References - CVE - GitHub Advisory...

7.5CVSS4.1AI score0.02316EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/10 7:16 p.m.4 views

02112019lab6 (=1.0.0), 03-custom-tian (>=1.0.1 <=1.0.6) +10979 more potentially affected by CVE-2020-7769 via nodemailer (>=0.1.18 <=6.4.15)

nodemailer NPM version =0.1.18, =1.0.1, =1.0.0, =1.0.0, =0.2.9, =0.2.19 - 10er10 =0.23.0 - 123ac =1.0.8 - 123acyashu =1.0.8 - 123acyashuac =1.0.8 - 2fatang =1.0.0 and more Source cves: CVE-2020-7769 Source advisory: OSV:GHSA-48WW-J4FC-435P...

9.8CVSS7.2AI score0.02316EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/23 4:11 p.m.33 views

Security Bulletin: A security vulnerability in Node.js nodemailer module affects IBM Cloud Automation Manager.

Summary A security vulnerability in Node.js nodemailer module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2020-7769 DESCRIPTION: Nodejs could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation by the recipient email...

9.8CVSS2.3AI score0.02316EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/04 1:24 p.m.33 views

Security Bulletin: Version 6.4.6 of Node.js module nodemailer included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability

Summary Security Bulletin: Version 6.4.6 of Node.js module nodemailer included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-7769 DESCRIPTION: Nodejs could allow a remote attacker to execute arbitrary commands on the system, caused by...

9.8CVSS2.4AI score0.02316EPSS
Exploits1Affected Software1
Cvelist
Cvelist
added 2020/11/12 8:30 a.m.25 views

CVE-2020-7769 Command Injection

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

8.6CVSS9.8AI score0.02316EPSS
Exploits1References4
CVE
CVE
added 2020/11/12 8:30 a.m.89 views

CVE-2020-7769

CVE-2020-7769 affects the Node.js nodemailer package up to version 6.4.16. The vulnerability arises from improper input validation of recipient email addresses in the sendmail transport, allowing a crafted recipient address to inject arbitrary command flags. Documents indicate a high/severe impac...

9.8CVSS9.5AI score0.02316EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsv
added 2020/11/11 1:17 p.m.3 views

02112019lab6 (=1.0.0), 03-custom-tian (>=1.0.1 <=1.0.6) +7785 more potentially affected by CVE-2020-7769 via nodemailer (>=6.0.0 <=6.4.15)

nodemailer NPM version =6.0.0, =1.0.1, =1.0.0, =1.0.0, =0.2.9, =1.0.0, =1.0.3 and more Source cves: CVE-2020-7769 Source advisory: SNYK:JS-NODEMAILER-1038834...

9.8CVSS7.2AI score0.02316EPSS
Exploits1
Rows per page
Query Builder