EUVD-2005-1108

Malware in sbrugna...

EUVD-2021-2501

Malware in sbrugna...

openSUSE Security Advisory (SUSE-SU-2025:03025-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:03025-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for javamail

This update for javamail fixes the following issues: Update to version 1.6.2 CVE-2025-7962: Fixed an improper neutralization of \r and \n UTF-8 characters can lead to SMTP injection bsc1246873 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2025:03025-1 Security update for javamail

This update for javamail fixes the following issues: - Update to version 1.6.2 - CVE-2025-7962: Fixed an improper neutralization of \r and \n UTF-8 characters can lead to SMTP injection bsc1246873...

javamail-1.6.2-3.1 on GA media (moderate)

javamail-1.6.2-3.1 on GA media Announcement ID: openSUSE-SU-2025:15378-1 Rating: moderate Cross-References: CVE-2025-7962 CVSS scores: CVE-2025-7962 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2025-7962 SUSE : 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N...

OPENSUSE-SU-2025:15378-1 javamail-1.6.2-3.1 on GA media

These are all security issues fixed in the javamail-1.6.2-3.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2007-6059

Javamail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service connection pool...

Apache Sling Commons Messaging Mail Trust Management Issue Vulnerability

Apache Sling Commons Messaging Mail is an open source messaging mail service from the Apache Foundation in the U.S. A trust management issue vulnerability exists in Apache Sling Commons Messaging Mail 1.0.0, which stems from the Apache Sling Commons Messaging Mail provides a simple layer on top o...

GHSA-C69W-JJ56-834W Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these addition...

CVE-2021-44549

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these addition...

CVE-2021-44549

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these addition...

Hardcoded credentials

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these addition...

CVE-2021-44549

CVE-2021-44549 affects Apache Sling Commons Messaging Mail (Sling Mail) implementations that use SMTPS. The issue arises from the SimpleMailService in Apache Sling Commons Messaging Mail 1.0 which lacked an option to enable mail.smtps.ssl.checkserveridentity by default, leaving SMTPS connections ...

CVE-2021-44549 SMTPS server hostname not checked when making TLS connection to SMTPS server

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these addition...

GitHub Security Lab: Java: CWE-297 Insecure JavaMail SSL configuration

This bug was reported directly to GitHub Security Lab...

[SECURITY] Fedora 26 Update: apache-commons-email-1.5-1.fc26

Commons-Email aims to provide an API for sending email. It is built on top of the JavaMail API, which it aims to simplify...

CVE-2005-1753

ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to sourc...

Sun JavaMail 1.x Multiple Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13753/info Sun JavaMail is prone to multiple information disclosure vulnerabilities. The issues exist due to a lack of sufficient input sanitization performed on user-supplied requests. The following issues are reported: ...