Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/11 12:34 p.m.10 views

EUVD-2026-36239

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Versions prior to 2.10.2 contain improper Host header validation when parsing raw HTTP request messages and when deriving a server request URI from server variables. An attacker can provide a malformed Host header containing U...

5.3CVSS5.4AI score0.00198EPSS
Exploits0References1
NVD
NVD
added 2025/09/29 11:15 p.m.7 views

CVE-2025-59937

go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...

9.1CVSS0.00505EPSS
Exploits1References4
OSV
OSV
added 2025/09/29 4:28 p.m.7 views

GHSA-WPWJ-69CM-Q9C5 go-mail has insufficient address encoding when passing mail addresses to the SMTP client

Impact Due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, this could lead to a possible wrong address routing or even to ESMTP parameter smuggling. Vulnerability details Instead ...

8.2CVSS7.2AI score0.00505EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/08/24 12:0 a.m.6 views

PT-2024-31496

Name of the Vulnerable Software and Affected Versions Fort versions prior to 1.6.3 Description An issue was discovered in Fort where a malicious RPKI repository that descends from a trusted Trust Anchor can serve an ROA or a Manifest containing a null eContent field via rsync or RRDP. Fort...

9.8CVSS6.8AI score0.00481EPSS
Exploits0References35
Rows per page
Query Builder