CVE-2025-14874
- EPSS 0.08%
- Veröffentlicht 18.12.2025 08:40:31
- Zuletzt bearbeitet 08.01.2026 03:15:43
A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
CVE-2025-13033
- EPSS 0.07%
- Veröffentlicht 14.11.2025 19:37:08
- Zuletzt bearbeitet 03.02.2026 22:16:27
A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. Th...
CVE-2025-5417
- EPSS 0.02%
- Veröffentlicht 19.08.2025 04:28:08
- Zuletzt bearbeitet 19.08.2025 16:15:29
An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespac...
CVE-2023-6944
- EPSS 0.22%
- Veröffentlicht 04.01.2024 10:15:11
- Zuletzt bearbeitet 05.09.2025 12:15:31
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the fron...