15 matches found
SUSE CVE-2025-59937
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
GO-2025-3988 Insufficient address encoding when passing mail addresses to the SMTP client in github.com/wneessen/go-mail
Insufficient address encoding when passing mail addresses to the SMTP client in github.com/wneessen/go-mail...
EUVD-2025-31582
Malicious code in bioql PyPI...
CVE-2025-59937
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
CVE-2025-59937
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
CVE-2025-59937 go-mail has insufficient address encoding when passing mail addresses to the SMTP client
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
CVE-2025-59937
Go-mail (github.com/wneessen/go-mail) vulnerable in versions
CVE-2025-59937 go-mail has insufficient address encoding when passing mail addresses to the SMTP client
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
CVE-2025-59937 go-mail has insufficient address encoding when passing mail addresses to the SMTP client
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
Arbitrary Argument Injection
Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection via improper handling of the mail.Address value. An attacker can manipulate email routing or inject unauthorized SMTP parameters by supplying specially crafted email addresses. Note: This is only exploitable...
go-mail has insufficient address encoding when passing mail addresses to the SMTP client
Impact Due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, this could lead to a possible wrong address routing or even to ESMTP parameter smuggling. Vulnerability details Instead ...
Arbitrary Argument Injection
Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection via improper handling of the mail.Address value. An attacker can manipulate email routing or inject unauthorized SMTP parameters by supplying specially crafted email addresses. Note: This is only exploitable...
GHSA-WPWJ-69CM-Q9C5 go-mail has insufficient address encoding when passing mail addresses to the SMTP client
Impact Due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, this could lead to a possible wrong address routing or even to ESMTP parameter smuggling. Vulnerability details Instead ...
PT-2025-39914
Name of the Vulnerable Software and Affected Versions go-mail versions 0.7.0 and below Description The go-mail library improperly handles mail.Address values when passed to the SMTP client’s MAIL FROM or RCPT TO commands. This can lead to incorrect address routing or ESMTP parameter smuggling...
go-mail 参数注入漏洞
go-mail is a Golang library with mail sending functionality by the individual developer Winni Neessen. A parameter injection vulnerability exists in go-mail version 0.7.0 and earlier, which stems from mishandling of the mail.Address value, which can lead to incorrect address routing or ESMTP...