GHSA-xjw3-5r5c-m5ph

Suggest an improvement
Source
https://github.com/advisories/GHSA-xjw3-5r5c-m5ph
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-xjw3-5r5c-m5ph/GHSA-xjw3-5r5c-m5ph.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-xjw3-5r5c-m5ph
Published
2024-06-05T20:47:53Z
Modified
2024-12-02T05:46:56.409211Z
Summary
typo3 Security fix for Flow Swift Mailer package
Details

A remote code execution vulnerability has been found in the Swift Mailer library (swiftmailer/swiftmailer) recently. See this advisory for details. If you are not using the default mail() transport, this particular problem does not affect you. Upgrading is of course still recommended!

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-05T20:47:53Z"
}
References

Affected packages

Packagist / typo3/swiftmailer

Package

Name
typo3/swiftmailer
Purl
pkg:composer/typo3/swiftmailer

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.1.0
Fixed
4.1.99

Affected versions

4.*

4.1.5

Packagist / typo3/swiftmailer

Package

Name
typo3/swiftmailer
Purl
pkg:composer/typo3/swiftmailer

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.4.0
Fixed
5.4.5

Affected versions

5.*

5.4.1
5.4.2