Advisories for Composer/Zendframework/Zend-Mail package

2024

Zend-Mail remote code execution in zend-mail via Sendmail adapter

When using the zend-mail component to send email via the Zend\Mail\Transport\Sendmail transport, a malicious user may be able to inject arbitrary parameters into the system sendmail program. The attack is performed by providing additional quote characters within an address; when unsanitized, they can be interpreted as additional command line arguments, leading to the vulnerability. The following example demonstrates injecting additional parameters into the sendmail binary via the From address: use …

2020
2016

Command Injection

The setFrom function in the Sendmail adapter in the zend-mail component might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a double-quote character (") in a crafted e-mail address.

Remote code execution via Sendmail adapter

A malicious user may be able to inject arbitrary parameters into the system Sendmail program. The attack is performed by providing additional quote characters within an address; when unsanitized, they can be interpreted as additional command line arguments, leading to the vulnerability.