Vulnerabilities > Nodemailer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-29 | CVE-2021-23400 | Injection vulnerability in Nodemailer The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object. | 6.8 |
2020-11-12 | CVE-2020-7769 | Injection vulnerability in Nodemailer This affects the package nodemailer before 6.4.16. | 7.5 |