CVE-2025-7962
HIGHDescription
In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate different messages.
Is your site exposed to CVE-2025-7962?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| eclipse | jakarta_mail |
| eclipse | jakarta_mail |
| eclipse | angus_mail |
References
Frequently Asked Questions
What is CVE-2025-7962? +
How severe is CVE-2025-7962? +
What products are affected by CVE-2025-7962? +
How do I check if I'm vulnerable to CVE-2025-7962? +
Related Vulnerabilities
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations …
matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging protocol. The provisioning API of the matrix-appservice-irc bridge up to …
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations …
Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute …
In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no …
In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.