Package impact
RubyGems / mail
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-2140 | high | — | 7.5 | 14y ago | The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery. | |||
| CVE-2011-0739 | medium | — | 6.8 | 16y ago | Mail Improper Input Validation vulnerability | |||
| CVE-2015-9097 | medium | 6.1 | 6.1 | 11y ago | The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences imm… | |||
| CVE-2012-2139 | medium | — | 5.0 | 14y ago | Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the… |