CVE-2025-7962

HIGH(7.5)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Risk Signal Score19/100 — NIEDRIG

CVSS 7.5 — Hoch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

7.5

Technische Schwere

Beschreibung

In Jakarta Mail versions prior to 2.0.2 it is possible to perform an SMTP Injection by utilizing the \r and \n UTF-8 characters to separate different messages.

Referenzen

https://gitlab.eclipse.org/security/cve-assignement/-/issues/67
http://www.openwall.com/lists/oss-security/2025/09/03/4