CNNVD-202511-1734 Information
CNNVD ID
CNNVD-202511-1734
Related CVE
- CNNVD Published: 2025-11-14
Description (Chinese)
Nodemailer是Nodemailer团队的一个使用可提供发送邮件功能的 JS 代码库。 Nodemailer存在安全漏洞,该漏洞源于电子邮件解析库处理不当,可能导致电子邮件被错误定向至攻击者地址,造成数据泄露。
Description (English)
Nodemailer is one of the Nodemailer teams using the JS Code Library, which provides sending functions. There is a security loophole in Nodemailer, which stems from the mishandling of the e-mail resolver, which could lead to the misdirection of the e-mail to the target ’ s address and the release of data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Nodemailer
Published
2025-11-14
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2025-13033 https://bugzilla.redhat.com/show_bug.cgi?id=2402179 https://github.com/nodemailer/nodemailer https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626 https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87
Patch
https://github.com/nodemailer/nodemailer/releases
Share on: