CVE-2021-34551
PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname.
| Software | From | Fixed in |
|---|---|---|
| phpmailer_project / phpmailer | - | 6.5.0 |
| fedoraproject / fedora | 33 | 33.x |
| fedoraproject / fedora | 34 | 34.x |
phpmailer / phpmailer
|
- | 6.5.0 |
- https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md
- https://github.com/PHPMailer/PHPMailer/commit/acd264bf17ff4ac5c915f0d4226dce8a9ea70bc3
- https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-7q44-r25x-wm4q
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YRMWGA4VTMXFB22KICMB7YMFZNFV3EJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJYSOFCUBS67J3TKR74SD3C454N7VTYM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YRMWGA4VTMXFB22KICMB7YMFZNFV3EJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FJYSOFCUBS67J3TKR74SD3C454N7VTYM/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime