iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106 reference.
References
Link | Resource |
---|---|
https://github.com/irods/irods/blob/97eb33f130349db5e01a4b85e89dd1da81460345/server/re/src/mailMS.cpp#L94-L106 | Product |
https://github.com/irods/irods/issues/7562 | Issue Tracking |
https://github.com/irods/irods/issues/7651 | Issue Tracking Patch |
https://irods.org/2024/05/irods-4-3-2-is-released/ | Release Notes |
Configurations
History
21 Aug 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-426 |
07 Aug 2024, 18:33
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:irods:irods:*:*:*:*:*:*:*:* | |
References | () https://github.com/irods/irods/blob/97eb33f130349db5e01a4b85e89dd1da81460345/server/re/src/mailMS.cpp#L94-L106 - Product | |
References | () https://github.com/irods/irods/issues/7562 - Issue Tracking | |
References | () https://github.com/irods/irods/issues/7651 - Issue Tracking, Patch | |
References | () https://irods.org/2024/05/irods-4-3-2-is-released/ - Release Notes | |
First Time |
Irods
Irods irods |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
17 Jun 2024, 12:42
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Jun 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-16 16:15
Updated : 2024-08-21 15:35
NVD link : CVE-2024-38462
Mitre link : CVE-2024-38462
CVE.ORG link : CVE-2024-38462
JSON object : View
Products Affected
irods
- irods
CWE