Vulnerabilities (CVE)

Filtered by vendor Lettre Subscribe
Filtered by product Lettre
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38189 1 Lettre 1 Lettre 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the lettre crate before 0.9.6 for Rust. In an e-mail message body, an attacker can place a . character after two <CR><LF> sequences and then inject arbitrary SMTP commands.
CVE-2020-28247 1 Lettre 1 Lettre 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs.