mailparser icon indicating copy to clipboard operation
mailparser copied to clipboard
verified publisher icon nodemailer

Security vulnerability for nodemailer < 7.0.11

Open benasher44 opened this issue 1 month ago • 2 comments

Looks like there's a DoS vulnerability in prior versions email address parsing logic.

benasher44 avatar Dec 02 '25 22:12 benasher44

Flagged as HIGH vulnerability:

  • https://security.snyk.io/vuln/SNYK-JS-NODEMAILER-14157156
  • https://github.com/nodemailer/nodemailer/security/advisories/GHSA-rcmh-qjqh-p98v

Kindly requesting to reopen and merge the closed PR 🙏

damien-thiesson avatar Dec 10 '25 07:12 damien-thiesson

yes, please publish a new release with the fix

spotlesscoder avatar Dec 10 '25 12:12 spotlesscoder

Fixed in mailparser 3.9.1 (6879d1b)

StevenGBrown avatar Dec 20 '25 01:12 StevenGBrown