CVE-2025-14874 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the a…
High CVSS: 7.5

CVE-2025-14874

A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
Vendor
Nodemailer
Product
Nodemailer
CWE
CWE-703
Yayın Tarihi
2025-12-18 09:15:44
Güncelleme
2026-01-08 03:15:43
Source Identifier
secalert@redhat.com
KEV Date Added
-

Kategoriler

CWE-703 Nodemailer HIGH Nodemailer 2025

Referanslar

https://access.redhat.com/security/cve/CVE-2025-14874 https://bugzilla.redhat.com/show_bug.cgi?id=2418133 https://github.com/nodemailer/nodemailer https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150 https://github.com/nodemailer/nodemailer/security/advisories/GHSA-rcmh-qjqh-p98v https://bugzilla.redhat.com/show_bug.cgi?id=2418133 https://github.com/nodemailer/nodemailer/security/advisories/GHSA-rcmh-qjqh-p98v