CVE-2024-21742

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-21742

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21742.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-21742

Aliases

GHSA-jw7r-rxff-gv24

Downstream

DEBIAN-CVE-2024-21742

OESA-2024-1333

OESA-2024-1475

OESA-2024-1476

OESA-2024-1477

OESA-2024-1478

OESA-2024-1479

UBUNTU-CVE-2024-21742

Related

Published

2024-02-27T17:15:12Z

Modified

2025-08-09T19:01:26Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages.

References

Affected packages