org.apache.commons:commons-email (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.apache.commons:commons-email, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2017-9801 — CVSS 7.5 (high): When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add…
CVE-2018-1294 — CVSS 7.5 (high): If a user of Apache Commons Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and…