Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:27882
HistoryNov 13, 2020 - 4:43 a.m.

Command Injection

2020-11-1304:43:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11

0.025 Low

EPSS

Percentile

90.3%

JSON

nodemailer is vulnerable to command injection. An attacker can inject malicious command flag via recipient email addresses in sendmail transport due to lack of validation for invalid email addresses.

CPENameOperatorVersion
nodemailerle6.4.15
nodemailerle6.3.1

Related

debiancve 1
nodejs 1
osv 2
ibm 4
ubuntucve 1
cvelist 1
cve 1
prion 1
nvd 1
github 1
debiancve
debiancve
CVE-2020-7769
2020-11-12 09:15:11
nodejs
nodejs
Command Injection
2021-05-10 19:18:06
osv
osv
Command injection in nodemailer
2021-05-10 19:16:52
CVE-2020-7769
2020-11-12 09:15:11
ibm
ibm
Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise and IBM Integration Bus (CVE-2020-7769)
2021-01-25 11:08:51
Security Bulletin: A security vulnerability in Node.js nodemailer module affects IBM Cloud Automation Manager.
2021-02-23 16:11:48
Security Bulletin: Version 6.4.6 of Node.js module nodemailer included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability
2021-01-04 13:24:03
ubuntucve
ubuntucve
CVE-2020-7769
2020-11-12 00:00:00
cvelist
cvelist
CVE-2020-7769 Command Injection
2020-11-12 00:00:00
cve
cve
CVE-2020-7769
2020-11-12 09:15:11
prion
prion
Command injection
2020-11-12 09:15:00
nvd
nvd
CVE-2020-7769
2020-11-12 09:15:11
github
github
Command injection in nodemailer
2021-05-10 19:16:52

0.025 Low

EPSS

Percentile

90.3%

JSON
Related for VERACODE:27882
debiancve1nodejs1osv2ibm4ubuntucve1cvelist1cve1prion1nvd1github1