Search for packages
Package details: pkg:composer/phpmailer/phpmailer@5.0.0
purl pkg:composer/phpmailer/phpmailer@5.0.0
Tags Ghost
Next non-vulnerable version 6.5.0
Latest non-vulnerable version 6.5.0
Risk 10.0
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-429k-1vmw-kfgp
Aliases:
CVE-2017-11503
GHSA-58mj-pw57-4vm2
5.2.24
Affected by 4 other vulnerabilities.
VCID-6t22-awsw-fybd
Aliases:
CVE-2015-8476
GHSA-738m-f33v-qc2r
SMTP Injection in PHPMailer ### Impact Attackers could inject arbitrary SMTP commands via by exploiting the fact that valid email addresses may contain line breaks, which are not handled correctly in some contexts. ### Patches Fixed in 5.2.14 in [this commit](https://github.com/PHPMailer/PHPMailer/commit/6687a96a18b8f12148881e4ddde795ae477284b0). ### Workarounds Manually strip line breaks from email addresses before passing them to PHPMailer. ### References https://nvd.nist.gov/vuln/detail/CVE-2015-8476 ### For more information If you have any questions or comments about this advisory: * Open a private issue in [the PHPMailer project](https://github.com/PHPMailer/PHPMailer)
5.2.14
Affected by 8 other vulnerabilities.
VCID-ehef-kh9v-h7gd
Aliases:
CVE-2016-10045
GHSA-4pc3-96mx-wwc8
5.2.20
Affected by 6 other vulnerabilities.
VCID-p3ee-1tqh-jycz
Aliases:
CVE-2016-10033
GHSA-5f37-gxvh-23v6
5.2.18
Affected by 7 other vulnerabilities.
VCID-tgrc-1eek-q7e9
Aliases:
CVE-2018-19296
GHSA-7w4p-72j7-v7c2
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
5.2.27
Affected by 3 other vulnerabilities.
6.0.6
Affected by 3 other vulnerabilities.
VCID-xhxb-gh4u-57gh
Aliases:
CVE-2017-5223
GHSA-4x5h-cr29-fhp6
5.2.22
Affected by 5 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-01T11:14:39.172546+00:00 GitLab Importer Affected by VCID-p3ee-1tqh-jycz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmailer/phpmailer/CVE-2016-10033.yml 37.0.0
2025-08-01T11:14:38.970769+00:00 GitLab Importer Affected by VCID-ehef-kh9v-h7gd https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmailer/phpmailer/CVE-2016-10045.yml 37.0.0
2025-07-31T12:29:05.330728+00:00 GHSA Importer Affected by VCID-6t22-awsw-fybd https://github.com/advisories/GHSA-738m-f33v-qc2r 37.0.0
2025-07-31T12:29:05.281061+00:00 GHSA Importer Affected by VCID-p3ee-1tqh-jycz https://github.com/advisories/GHSA-5f37-gxvh-23v6 37.0.0
2025-07-31T12:29:05.216533+00:00 GHSA Importer Affected by VCID-ehef-kh9v-h7gd https://github.com/advisories/GHSA-4pc3-96mx-wwc8 37.0.0
2025-07-31T12:29:05.162927+00:00 GHSA Importer Affected by VCID-429k-1vmw-kfgp https://github.com/advisories/GHSA-58mj-pw57-4vm2 37.0.0
2025-07-31T12:29:05.118243+00:00 GHSA Importer Affected by VCID-xhxb-gh4u-57gh https://github.com/advisories/GHSA-4x5h-cr29-fhp6 37.0.0
2025-07-31T12:29:05.019592+00:00 GHSA Importer Affected by VCID-tgrc-1eek-q7e9 https://github.com/advisories/GHSA-7w4p-72j7-v7c2 37.0.0
2025-07-31T09:21:58.860672+00:00 GitLab Importer Affected by VCID-429k-1vmw-kfgp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/phpmailer/phpmailer/CVE-2017-11503.yml 37.0.0