CNNVD-202509-4322 Information
CNNVD ID
CNNVD-202509-4322
Related CVE
- CNNVD Published: 2025-09-29
Description (Chinese)
go-mail是Winni Neessen个人开发者的一个具有邮件发送功能的Golang库。 go-mail 0.7.0及之前版本存在参数注入漏洞,该漏洞源于对mail.Address值处理不当,可能导致错误地址路由或ESMTP参数夹带。
Description (English)
Go-mail is a Golang library with email functions for Winni Neessen personal developers. Go-mail 0.7.0 and previous versions contain a gap in the parameters, which arises from the inappropriate handling of the mail.Address values, which may lead to the wrong address route or ESMTP parameter belt.
Hazard Level
High
Vulnerability Type
参数注入
Affected Vendor
个人开发者
Published
2025-09-29
Last Modified
2026-02-24
References
https://github.com/wneessen/go-mail/commit/42e92cfe027be04aff72921adb0f72f11d517479 https://github.com/wneessen/go-mail/issues/495 https://github.com/wneessen/go-mail/pull/496 https://github.com/wneessen/go-mail/security/advisories/GHSA-wpwj-69cm-q9c5
Patch
https://github.com/wneessen/go-mail/releases
Share on: