CVE-2015-8476: Multiple CRLF injection vulnerabilities
(updated )
Multiple CRLF injection vulnerabilities allow attackers to inject arbitrary SMTP commands via CRLF sequences in an email address to the validateAddress
function in class.phpmailer.php
or SMTP command to the sendCommand
function in class.smtp.php
.
References
Detect and mitigate CVE-2015-8476 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →