[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13033/node-nodemailer
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 14 20:30:34 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8da0c6ec by Salvatore Bonaccorso at 2025-11-14T21:30:09+01:00
Add CVE-2025-13033/node-nodemailer
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -69,7 +69,9 @@ CVE-2025-13169 (A security vulnerability has been detected in code-projects Simp
CVE-2025-13168 (A weakness has been identified in ury-erp ury up to 0.2.0. This affect ...)
NOT-FOR-US: ury-erp ury
CVE-2025-13033 (A vulnerability was identified in the email parsing library due to imp ...)
- TODO: check
+ - node-nodemailer 7.0.9+~7.0.2-1
+ NOTE: https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87
+ NOTE: Fixed by: https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626 (v7.0.7)
CVE-2025-12897
REJECTED
CVE-2025-12187
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8da0c6ec56d82219c783257bd08cb51d840838f5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8da0c6ec56d82219c783257bd08cb51d840838f5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251114/7125a756/attachment.htm>
More information about the debian-security-tracker-commits
mailing list