13 matches found
PT-2026-22890
SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it...
RUSTSEC-2026-0009 Denial of Service via Stack Exhaustion
Impact When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,...
Apple多款产品 安全漏洞
Apple iOS is an operating system for mobile devices, Apple watchOS is an operating system for smartwatches, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in several Apple products that stems from insufficient checks on email header parsing, which could...
EUVD-2024-44955
Malicious code in bioql PyPI...
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
...
CVE-2024-50574
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality...
CVE-2024-50574
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality...
CVE-2024-50574
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality...
CVE-2024-50574
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality...
CVE-2024-50574
JetBrains YouTrack before 2024.3.47707 is affected by CVE-2024-50574: a potential ReDoS via email header parsing in Helpdesk. The issue is described in multiple sources as a denial of service risk with availability impact (per CVSS notes: HIGH). No explicit exploit details or active exploit statu...
[SECURITY] [DSA 738-1] New razor packages fix potential DOS
------------------------------------------------------------------------ Debian Security Advisory DSA 738-1 [email protected] http://www.debian.org/security/ Michael Stone July 05, 2005 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
[SECURITY] [DSA 738-1] New razor packages fix potential DOS
------------------------------------------------------------------------ Debian Security Advisory DSA 738-1 [email protected] http://www.debian.org/security/ Michael Stone July 05, 2005 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
mail buffer overflow
Buffer overflow on parsing Cc: header in message...