This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2020-11-12T08:30:17.442903Z

Updated: 2024-09-16T18:50:22.395Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7769

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-11-12T09:15:11.203

Modified: 2024-11-21T05:37:46.120

Link: CVE-2020-7769

cve-icon Redhat

No data.