This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2020-11-12T08:30:17.442903Z
Updated: 2024-09-16T18:50:22.395Z
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7769
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-11-12T09:15:11.203
Modified: 2024-11-21T05:37:46.120
Link: CVE-2020-7769
Redhat
No data.