CVE-2024-21742

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-21742

Severity

Unknown

Description

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages.

References

https://images.chainguard.dev/security/CGA-c767-335j-hmc4
https://github.com/advisories/GHSA-jw7r-rxff-gv24
https://images.chainguard.dev/security/CGA-2qhj-cqh5-659p
https://images.chainguard.dev/security/CGA-778j-8693-xfqm
https://images.chainguard.dev/security/CGA-49jv-2gch-w8m7
https://images.chainguard.dev/security/CGA-rfg9-4wqj-36v6
https://images.chainguard.dev/security/CGA-x2mp-f2qg-g22x
https://lists.apache.org/thread/nrqzg93219wdj056pqfszsd33dc54kfy
http://www.openwall.com/lists/oss-security/2024/02/27/5
https://security-tracker.debian.org/tracker/CVE-2024-21742

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2024-21742

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources