Sign In

PSF-2019-16

ADVISORY - docker

Summary

It is possible to inject email headers using CR or LF character.

The fix disallows CR and LF characters in email.headerregistry.Address arguments to guard against header injection attacks.

Common Weakness Enumeration (CWE)

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in