CVE-2020-28247

CVE-2020-28247

EPSS 1.5%

The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/lettre/lettre https://github.com/RustSec/advisory-db/pull/478/files https://rustsec.org/advisories/RUSTSEC-2020-0069.html