GCVE-VVD-MAGEIA-2017-322

Advisory Published

Vulnetix · Advisory published September 1, 2017

In apache-commons-email before 1.5, when a call-site passes a subject for an email that contains line-breaks, the caller can add arbitrary SMTP headers (CVE-2017-9801).

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
Mageia	apache-commons-email	0 (affected), 1.3.1-4.1.mga5 (unaffected)	—
Mageia	apache-commons-email	0 (affected), 1.3.1-10.1.mga6 (unaffected)	—

Aliases

CVE-2017-9801

Transitive aliases

GHSA-p7vm-phxx-g722 EUVD-2022-4710

References

Updated apache-commons-email packages fix security vulnerability

advisory

Updated apache-commons-email packages fix security vulnerability

issue

Updated apache-commons-email packages fix security vulnerability

issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON