CVE-2020-28247

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-28247
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-28247.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-28247
Aliases
Published
2020-11-12T18:15:15Z
Modified
2024-06-13T07:24:06.991554Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs.

References

Affected packages

Git / github.com/lettre/lettre

Affected ranges

Type
GIT
Repo
https://github.com/lettre/lettre
Events
Last affected
0d3988d49935a047ed430a97c7bceeca9d2c346c
Introduced
91a17ae2816942b20469b5f8f60daa4614cdaea1
Last affected
9dadc4d6ebdf42baca9449313c12a1713b24c1c4
Introduced
101189882a7982a52d9ba86d2e873b147fac7cb4
Last affected
d930c42d5069e344a9dfa84ebe4b60bf3b11ac64

Affected versions

v0.*

v0.8.0