GHSA-hgr8-g756-vmg9

Source

https://github.com/advisories/GHSA-hgr8-g756-vmg9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-hgr8-g756-vmg9/GHSA-hgr8-g756-vmg9.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-hgr8-g756-vmg9

Aliases

CVE-2017-15806

Published

2022-05-17T00:18:44Z

Modified

2024-04-23T23:26:47.356627Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Zeta Components Mail Arbitrary code execution via a crafted email address

Details

The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one containing "-X/path/to/wwwroot/file.php."

Database specific

{
    "nvd_published_at": "2017-11-15T16:29:00Z",
    "cwe_ids": [
        "CWE-94"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-23T23:01:34Z"
}

References

Affected packages

Packagist / zetacomponents/mail

Package

Name: zetacomponents/mail
Purl: pkg:composer/zetacomponents/mail

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.8.2

Affected versions

1.*

1.1alpha1

1.1beta1

1.1beta2

1.1rc1

1.1

1.1.1

1.1.2

1.2beta1

1.2beta2

1.2

1.3beta2

1.3rc1

1.3

1.4alpha1

1.4alpha2

1.4beta1

1.4rc1

1.4

1.4.1

1.4.2

1.4.3

1.5alpha1

1.5beta1

1.5rc1

1.5

1.5.1

1.5.2

1.6alpha1

1.6beta1

1.6rc1

1.6

1.6.1

1.6.2

1.6.3

1.7alpha1

1.7beta1

1.7rc1

1.7

1.8beta1

1.8

1.8.1