VulnerableCode Package Details - pkg:gem/mail@2.5.5.rc1

Search for packages

Vulnerability	Summary	Fixed by
VCID-1svp-fwt6-pbey Aliases: CVE-2015-9097 GHSA-q86f-fmqf-qrf6 OSV-131677	SMTP Injection via to/from addresses The mail package does not disallow CRLF in email addresses; an attacker can inject SMTP commands in specially crafted email addresses passed to `RCPT TO` and `MAIL FROM`.	2.5.5 Affected by 0 other vulnerabilities. 2.6.6.rc1 Affected by 0 other vulnerabilities. 2.7.0.rc1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1svp-fwt6-pbey
Aliases:
CVE-2015-9097
GHSA-q86f-fmqf-qrf6
OSV-131677

SMTP Injection via to/from addresses The mail package does not disallow CRLF in email addresses; an attacker can inject SMTP commands in specially crafted email addresses passed to `RCPT TO` and `MAIL FROM`.

2.5.5
Affected by 0 other vulnerabilities.

2.6.6.rc1
Affected by 0 other vulnerabilities.

2.7.0.rc1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1svp-fwt6-pbey	SMTP Injection via to/from addresses The mail package does not disallow CRLF in email addresses; an attacker can inject SMTP commands in specially crafted email addresses passed to `RCPT TO` and `MAIL FROM`.	CVE-2015-9097 GHSA-q86f-fmqf-qrf6 OSV-131677

Vulnerability

Summary

Aliases

VCID-1svp-fwt6-pbey

CVE-2015-9097
GHSA-q86f-fmqf-qrf6
OSV-131677

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:37:12.970974+00:00	GitLab Importer	Fixing	VCID-1svp-fwt6-pbey	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/mail/CVE-2015-9097.yml	38.4.0
2026-04-16T01:19:15.647256+00:00	GHSA Importer	Affected by	VCID-1svp-fwt6-pbey	https://github.com/advisories/GHSA-q86f-fmqf-qrf6	38.4.0
2026-04-11T21:47:50.446083+00:00	GitLab Importer	Fixing	VCID-1svp-fwt6-pbey	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/mail/CVE-2015-9097.yml	38.3.0
2026-04-11T12:47:22.031903+00:00	GHSA Importer	Affected by	VCID-1svp-fwt6-pbey	https://github.com/advisories/GHSA-q86f-fmqf-qrf6	38.3.0
2026-04-02T22:01:45.128940+00:00	GitLab Importer	Fixing	VCID-1svp-fwt6-pbey	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/mail/CVE-2015-9097.yml	38.1.0
2026-04-02T13:42:42.330104+00:00	GHSA Importer	Affected by	VCID-1svp-fwt6-pbey	https://github.com/advisories/GHSA-q86f-fmqf-qrf6	38.1.0
2026-04-01T12:47:15.511160+00:00	GitLab Importer	Fixing	VCID-1svp-fwt6-pbey	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/mail/CVE-2015-9097.yml	38.0.0