]> source.dussan.org Git - sonarqube.git/commit
projects / sonarqube.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6188784) | patch
CVE-2017-9801 ( commons-email )
authorVinod Anandan <vinod@owasp.org>
Mon, 14 Aug 2017 21:01:53 +0000 (22:01 +0100)
committerSimon Brandhof <simon.brandhof@sonarsource.com>
Tue, 22 Aug 2017 06:51:35 +0000 (08:51 +0200)
commit51045662605d5ff9aa48fdf52201c02e8de634cd
tree7c8e0db607763e1fe82cdeaa0ece021d57ec4612tree | snapshot
parent6188784ad17e7bd5ce23a2d24f2c44d25e0c0166commit | diff
CVE-2017-9801 ( commons-email )

When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9801
pom.xml diff | blob | history
Continuous Inspection: https://github.com/SonarSource/sonarqube