Debian Libphp-Phpmailer vulnerabilities

12 known vulnerabilities affecting debian/libphp-phpmailer.

Total CVEs: 12
CISA KEV: 1 (actively exploited)
Public exploits: 4
Exploited in wild: 1
Severity breakdown: CRITICAL 1, HIGH 5, MEDIUM 3, LOW 3

Vulnerabilities

CVE-2021-3603
  Severity: HIGH | CVSS: 8.1 | Year: 2021 | Fixed in: libphp-phpmailer 6.6.3-1 (bookworm) | Source: debian
  PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddress() is set to 'php' (the default, defined by PHPMailer::$validator), and the global namespace contains a function called php, it will be cal...
CVE-2021-34551
  Severity: LOW (tagged HIGH in the summary line) | CVSS: 8.1 | Year: 2021 | Source: debian
  PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname.
  Scope: local. Debian status: bookworm resolved; bullseye resolved; forky resolved; sid resolved; trixie resolved.
CVE-2020-36326
  Severity: HIGH | CVSS: 8.8 | Year: 2020 | Fixed in: libphp-phpmailer 6.2.0-2 (bookworm) | Source: debian
  PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in safe contexts. As an unintended side effect, this fix eliminate...
CVE-2020-13625
  Severity: HIGH | CVSS: 7.5 | Year: 2020 | Fixed in: libphp-phpmailer 6.1.6-1 (bookworm) | Source: debian
  PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.
  Scope: local. Debian status: bookworm resolved (fixed in 6.1.6-1); bullseye resolved (fixed in 6.1.6-1); forky resolved (fixed in 6.1.6-1...
CVE-2018-19296
  Severity: HIGH | CVSS: 8.8 | Year: 2018 | Fixed in: libphp-phpmailer 5.2.14+dfsg-2.4 (bookworm) | Source: debian
  PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
  Scope: local. Debian status: bookworm resolved (fixed in 5.2.14+dfsg-2.4); bullseye resolved (fixed in 5.2.14+dfsg-2.4); forky resolved (fixed in 5.2.14+dfsg-2.4); sid resolved (fixed in 5.2.14+dfsg-2.4); trixie resolved (fixed in 5.2.14+dfsg-2.4).
CVE-2017-5223
  Severity: MEDIUM | CVSS: 5.5 | Flags: PoC | Year: 2017 | Fixed in: libphp-phpmailer 5.2.14+dfsg-2.3 (bookworm) | Source: debian
  An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base directory is provided, it resolves to /, meaning that relative...
CVE-2017-11503
  Severity: LOW (tagged MEDIUM in the summary line) | CVSS: 6.1 | Year: 2017 | Fixed in: libphp-phpmailer 6.0.6-0.1 (bookworm) | Source: debian
  PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php.
  Scope: local. Debian status: bookworm resolved (fixed in 6.0.6-0.1); bullseye resolved (fixed in 6.0.6-0.1); forky resolved (fixed in 6.0.6-0.1); sid resolved (fixed in 6.0.6-0.1); trixie resolved (fixed in 6.0.6-0.1).
CVE-2016-10033
  Severity: CRITICAL | CVSS: 9.8 | Flags: KEV, PoC | Year: 2016 | Fixed in: libphp-phpmailer 5.2.14+dfsg-2.1 (bookworm) | Source: debian
  The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
  Scope: local. Debian status: bookworm resolved (fixed in 5.2.14+dfsg-2.1); bullseye resolved (fixed in 5.2.14+dfsg-2.1)
CVE-2016-10045
  Severity: LOW (tagged CRITICAL in the summary line) | CVSS: 9.8 | Flags: PoC | Year: 2016 | Source: debian
  The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix f...
CVE-2015-8476
  Severity: MEDIUM | CVSS: 4.0 | Year: 2015 | Fixed in: libphp-phpmailer 5.2.14+dfsg-1 (bookworm) | Source: debian
  Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796.
  Scope: local. Debian status: bookworm resolved
CVE-2007-3215
  Severity: HIGH (tagged MEDIUM in the summary line) | CVSS: 6.8 | Year: 2007 | Fixed in: libphp-phpmailer 1.73-4 (bookworm) | Source: debian
  PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.
  Scope: local. Debian status: bookworm resolved (fixed in 1.73-4); bullseye resolved (fixed in 1.73-4); forky resolved (fixed in 1.73-4); sid resolved (fixed in 1.73-4); trixie resolved (fi...
CVE-2005-1807
  Severity: MEDIUM | CVSS: 5.0 | Flags: PoC | Year: 2005 | Fixed in: libphp-phpmailer 1.73 (bookworm) | Source: debian
  The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field.
  Scope: local. Debian status: bookworm resolved (fixed in 1.73); bullseye resolved (fixed in 1.73); forky resolved (fixed in 1.73); sid resolved (fixed in 1.73); trixie resolve...