Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-16207

CVE-2017-9801 vulnerability in Commons Emails

    Details

    • Fix Pack Status:
      Scheduled

      Description

      Apache Commons Email is vulnerable to SMTP header injection. See https://nvd.nist.gov/vuln/detail/CVE-2017-9801. Liferay Portal/DE is not vulnerable, however, custom portlets/apps using Commons Email may be vulnerable.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                joshua.cords Joshua Cords
                Reporter:
                EnterpriseReleaseHU Enterprise Release HU
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Packages

                  Version Package
                  6.2.X EE
                  7.0.X EE