org.apache.sling:org.apache.sling.commons.messaging.mail@1.0.0 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.apache.sling:org.apache.sling.commons.messaging.mail package. This does not include vulnerabilities belonging to this package’s dependencies.

Insecure Defaults (severity: M)

org.apache.sling:org.apache.sling.commons.messaging.mail is a part of Apache Sling project. This module provides a simple layer on top of Jakarta Mail 2.0 (package jakarta.mail) including a message builder and a service to send mails via SMTPS.

Affected versions of this package are vulnerable to Insecure Defaults because the hostname in the SMTPS server's certificate is not validated when the TLS connection to the SMTPS server is set up.

How to fix Insecure Defaults?

Upgrade org.apache.sling:org.apache.sling.commons.messaging.mail to version 2.0.0 or higher.
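
The hostname validation this advisory refers to, shown for a plain Jakarta Mail client as an added example (not code from this page or from the Sling module). `mail.smtps.ssl.checkserveridentity` and `mail.smtps.ssl.trust` are Jakarta Mail session properties; the class name, the helper names and the host `smtp.example.org` are hypothetical. It needs Jakarta Mail on the classpath and opens no network connection.

```java
import jakarta.mail.Session;
import java.util.Properties;

public class SmtpsIdentityCheck {

    // Session properties for SMTPS with the server identity check set explicitly.
    static Properties smtpsProperties(String host, boolean checkServerIdentity) {
        Properties p = new Properties();
        p.setProperty("mail.transport.protocol", "smtps");
        p.setProperty("mail.smtps.host", host);
        p.setProperty("mail.smtps.port", "465");
        // When "true", the TLS setup also compares the certificate's names with the host.
        p.setProperty("mail.smtps.ssl.checkserveridentity",
                Boolean.toString(checkServerIdentity));
        return p;
    }

    // Returns null when the properties enforce hostname validation, else the reason they do not.
    static String hostnameCheckProblem(Properties p) {
        if (!Boolean.parseBoolean(p.getProperty("mail.smtps.ssl.checkserveridentity"))) {
            return "mail.smtps.ssl.checkserveridentity is not true";
        }
        if ("*".equals(p.getProperty("mail.smtps.ssl.trust", "").trim())) {
            return "mail.smtps.ssl.trust=* trusts every host";
        }
        return null;
    }

    // Builds a Session only from properties that pass the check.
    static Session openSession(Properties p) {
        String problem = hostnameCheckProblem(p);
        if (problem != null) {
            throw new IllegalStateException("refusing SMTPS configuration: " + problem);
        }
        return Session.getInstance(p);
    }

    public static void main(String[] args) {
        String host = "smtp.example.org"; // constructed placeholder host
        Properties weak = smtpsProperties(host, false);
        Properties hardened = smtpsProperties(host, true);
        System.out.println("weak:     " + hostnameCheckProblem(weak));
        System.out.println("hardened: " + hostnameCheckProblem(hardened));
        openSession(hardened); // passes the check; openSession(weak) would throw
    }
}
```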

Vulnerable versions: [1.0.0,2.0.0)