GHSA-QC36-Q22Q-CJW3 SMTP command injection in lettre
Impact Affected versions of lettre allowed SMTP command injection through an attacker's controlled message body. The module for escaping lines starting with a period wouldn't catch a period that was placed after a double CRLF sequence, allowing the attacker to end the current message and write...