Skip to content

Commit f4c0b0f

Browse files
kmoenskmoens
committed
1 parent f72c3f8 commit f4c0b0f

File tree

1 file changed

+50
-4
lines changed

1 file changed

+50
-4
lines changed

advisories/github-reviewed/2025/07/GHSA-9342-92gg-6v29/GHSA-9342-92gg-6v29.json

Lines changed: 50 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -9,10 +9,6 @@
99
"summary": "Jakarta Mail vulnerable to SMTP Injection",
1010
"details": "In Jakarta Mail 2.2 it is possible to preform a SMTP Injection by utilizing the \\r and \\n UTF-8 characters to separate different messages.",
1111
"severity": [
12-
{
13-
"type": "CVSS_V3",
14-
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
15-
},
1612
{
1713
"type": "CVSS_V4",
1814
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"
@@ -37,13 +33,59 @@
3733
]
3834
}
3935
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "Maven",
40+
"name": "com.sun.mail:jakarta.mail"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "0"
48+
},
49+
{
50+
"fixed": "1.6.8"
51+
}
52+
]
53+
}
54+
]
55+
},
56+
{
57+
"package": {
58+
"ecosystem": "Maven",
59+
"name": "com.sun.mail:jakarta.mail"
60+
},
61+
"ranges": [
62+
{
63+
"type": "ECOSYSTEM",
64+
"events": [
65+
{
66+
"introduced": "2.0.0"
67+
},
68+
{
69+
"fixed": "2.0.2"
70+
}
71+
]
72+
}
73+
]
4074
}
4175
],
4276
"references": [
4377
{
4478
"type": "ADVISORY",
4579
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7962"
4680
},
81+
{
82+
"type": "WEB",
83+
"url": "https://github.com/jakartaee/mail-api/issues/765"
84+
},
85+
{
86+
"type": "WEB",
87+
"url": "https://github.com/jakartaee/mail-api/pull/760"
88+
},
4789
{
4890
"type": "WEB",
4991
"url": "https://github.com/eclipse-ee4j/angus-mail/commit/269099b652a0a5c2fa140f1296a18f0fbbea0d44"
@@ -60,6 +102,10 @@
60102
"type": "WEB",
61103
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/290"
62104
},
105+
{
106+
"type": "WEB",
107+
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/290#note_5320539"
108+
},
63109
{
64110
"type": "WEB",
65111
"url": "http://www.openwall.com/lists/oss-security/2025/09/03/4"

0 commit comments

Comments
 (0)