VDB

GCVE-110-MAGEIA-2018-136

GCVE-110-MAGEIA-2018-136
Advisory Published
Vulnetix · Advisory published February 24, 2018
Apache Commons-Email, from version 1.0 to 1.4 inclusive, does not properly validate bounce addresses. If a user of Commons-Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details (recipients, contents, etc.) might be manipulated (CVE-2018-1294).

Affected Products

VendorProductVersionsPlatforms
Mageiaapache-commons-email1.5-1.mga6 (unaffected), 0 (affected), 1.5-1.mga6 (unaffected), 0 (affected)
Mageiasupertuxkart0.9.3-1.mga6 (unaffected), 0 (affected)

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›