GHSA-rq6q-hjvh-5mwh: Flow Swift Mailer package Remote code execution

May 17, 2024

A remote code execution vulnerability has been found in the Swift Mailer library (swiftmailer/swiftmailer) recently. See this advisory for details. If you are not using the default mail() transport, this particular problem does not affect you. Upgrading is of course still recommended!

References

github.com/FriendsOfPHP/security-advisories/blob/master/neos/swiftmailer/2017-01-06.yaml
github.com/advisories/GHSA-rq6q-hjvh-5mwh
github.com/neos/swiftmailer
www.neos.io/blog/flow-sa-2017-01.html

Detect and mitigate GHSA-rq6q-hjvh-5mwh with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →