Docker postgres version Vulnerability

Issue date: 02-10-2024
Affects versions: 15.6, 15.5, 15.4, 14.6

Security Issue ID

SECURITY-549

Affected Product Version(s)

15.6.0, 14.7.21 (and previous patch releases)

Severity

Medium

Description

CVE-2024-21742

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages.

CVSS v3 Base Score: N/A

CWE-20: Improper Input Validation

Instructions

Customers are recommended to upgrade to the latest version. As of the time of writing, 14.7.22, 15.7.0.

Content Application

Channels

Projects

Relevance

Architecture

Concepts

Platform Configuration

Frontend Integration

Backend Development

Commerce Accelerator

Cloud Deployment (PaaS)

On-Premise Deployment

Security

Release Management

Platform Development

Bloomreach Documentation version

Docker postgres version Vulnerability