CVE-2017-9801 ( commons-email )

When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9801
author: Vinod Anandan <vinod@owasp.org> 2017-08-14 22:01:53 +0100
committer: Simon Brandhof <simon.brandhof@sonarsource.com> 2017-08-22 08:51:35 +0200
commit: 51045662605d5ff9aa48fdf52201c02e8de634cd (patch)
tree: 7c8e0db607763e1fe82cdeaa0ece021d57ec4612 /pom.xml
parent: 6188784ad17e7bd5ce23a2d24f2c44d25e0c0166 (diff)
download: sonarqube-51045662605d5ff9aa48fdf52201c02e8de634cd.tar.gz
sonarqube-51045662605d5ff9aa48fdf52201c02e8de634cd.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/pom.xml b/pom.xml
index ec3b222af0c..ad4bb79ded1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -744,7 +744,7 @@
       <dependency>
         <groupId>org.apache.commons</groupId>
         <artifactId>commons-email</artifactId>
-        <version>1.3.2</version>
+        <version>1.5</version>
       </dependency>
       <dependency>
         <groupId>commons-lang</groupId>
author	Vinod Anandan <vinod@owasp.org>	2017-08-14 22:01:53 +0100
committer	Simon Brandhof <simon.brandhof@sonarsource.com>	2017-08-22 08:51:35 +0200
commit	51045662605d5ff9aa48fdf52201c02e8de634cd (patch)
tree	7c8e0db607763e1fe82cdeaa0ece021d57ec4612 /pom.xml
parent	6188784ad17e7bd5ce23a2d24f2c44d25e0c0166 (diff)
download	sonarqube-51045662605d5ff9aa48fdf52201c02e8de634cd.tar.gz sonarqube-51045662605d5ff9aa48fdf52201c02e8de634cd.zip