github.com/axllent/mailpit Security Advisories - Go | Ecosyste.ms: Advisories

github.com/axllent/mailpit

Package main is the entrypoint

View on github.com · View on proxy.golang.org

Security Advisories for github.com/axllent/mailpit in go

High

12 days ago

Mailpit: Unauthenticated remote memory-exhaustion DoS via unlimited SMTP DATA and /api/v1/send body sizes GSA_kwCzR0hTQS1mcHhqLW01cTgtZnBod84ABXGw

go github.com/axllent/mailpit

Moderate

12 days ago

Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write) GSA_kwCzR0hTQS13NHZqLXI1cGctMzcyMs4ABXGv

go github.com/axllent/mailpit

Moderate

12 days ago

Mailpit: Path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs GSA_kwCzR0hTQS1xeDV4LTg1cDgtdmc0as4ABXGu

go github.com/axllent/mailpit

Moderate

12 days ago

Mailpit has an incomplete fix for GHSA-6jxm: HTML check still permits SSRF to private/loopback/IMDS via missing IP-filter dialer GSA_kwCzR0hTQS1qM2ZqLXFwcGotZm1tY84ABXGt

go github.com/axllent/mailpit

Moderate

3 months ago

Mailpit is Vulnerable to Server-Side Request Forgery (SSRF) via Link Check API GSA_kwCzR0hTQS1tcGY3LXA5eDctOTZyM84ABS2z

go github.com/axllent/mailpit

Moderate

4 months ago

Mailpit has a Server-Side Request Forgery (SSRF) via HTML Check API GSA_kwCzR0hTQS02anhtLWZ2N3ctcnc1as4ABRUR

go github.com/axllent/mailpit

Moderate

4 months ago

Mailpit has an SMTP Header Injection via Regex Bypass GSA_kwCzR0hTQS01NHdxLTcybXAtY3E3Y84ABRSI

go github.com/axllent/mailpit

Moderate

5 months ago

Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails GSA_kwCzR0hTQS01MjRtLXE1bTctNzltbc4ABQ9i

go github.com/axllent/mailpit

Moderate

5 months ago

Mailpit Proxy Endpoint has Server-Side Request Forgery (SSRF) vulnerability GSA_kwCzR0hTQS04djY1LTQ3angtN21mcs4ABQvQ

go github.com/axllent/mailpit

Filter by Severity

Moderate 8 High 1