CVE-2020-36326

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-36326

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36326.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-36326

Aliases

Related

UBUNTU-CVE-2020-36326

Published

2021-04-28T03:15:07Z

Modified

2024-09-18T03:12:46.766753Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in safe contexts. As an unintended side effect, this fix eliminated the code that blocked addAttachment exploitation.

References

Affected packages

Debian:11 / libphp-phpmailer

Package

Name: libphp-phpmailer
Purl: pkg:deb/debian/libphp-phpmailer?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.2.0-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libphp-phpmailer

Package

Name: libphp-phpmailer
Purl: pkg:deb/debian/libphp-phpmailer?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.2.0-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libphp-phpmailer

Package

Name: libphp-phpmailer
Purl: pkg:deb/debian/libphp-phpmailer?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.2.0-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/phpmailer/phpmailer

Affected ranges

Type: GIT
Repo: https://github.com/phpmailer/phpmailer
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e2e07a355ee8ff36aba21d0242c5950c56e4c6f9

Type: GIT
Repo: https://github.com/wordpress/wordpress
Events: Introduced

3921fd373acaeeeee2029f762b676075cf375b33

Fixed

bcffb1781f8e2cbea477ffa2c7a36f350f848462

Type: GIT
Repo: https://github.com/wordpress/wordpress-develop
Events: Introduced

f1d358137f7ed657db6afec1b1eca0b9f7814e25

Fixed

48daa917c86b7b0c33d12f775ff81ae65353b006

Affected versions

v2.*

v2.2.1

v5.*

v5.2.0

v5.2.1

v5.2.10

v5.2.11

v5.2.12

v5.2.13

v5.2.14

v5.2.15

v5.2.16

v5.2.17

v5.2.18

v5.2.19

v5.2.2

v5.2.20

v5.2.21

v5.2.22

v5.2.23

v5.2.24

v5.2.25

v5.2.4

v5.2.5

v5.2.6

v5.2.7

v5.2.8

v5.2.9

v6.*

v6.0.0

v6.0.0rc1

v6.0.0rc2

v6.0.0rc3

v6.0.0rc4

v6.0.0rc5

v6.0.1

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.0.6

v6.0.7

v6.1.0

v6.1.1

v6.1.2

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7