2 matches found
CVE-2018-1294
CVE-2018-1294 affects Apache Commons-Email: when unvalidated input is used as the Bounce Address and contains line breaks, email details (recipients, contents, etc.) may be manipulated. The risk is mitigated by upgrading to Commons-Email 1.5 or by stripping line breaks from data passed to Email.s...
CVE-2017-9801
CVE-2017-9801 affects Apache Commons Email (versions 1.0–1.4). A call site passing an email subject containing line breaks can be exploited to inject arbitrary SMTP headers, due to a flaw in how setSubject handles input. This can lead to SMTP header manipulation and potential information exposure...