NuytsTech Security

CVE-2021-38189

by ·

An issue was discovered in the lettre crate before 0.9.6 for Rust. In an e-mail message body, an attacker can place a . character after two sequences and then inject arbitrary SMTP commands.

Date published : 2021-08-08

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/lettre/RUSTSEC-2021-0069.md

https://rustsec.org/advisories/RUSTSEC-2021-0069.html

Tags: