[GHSA-fv2f-rw9f-v9cm] An issue in Nodemailer smtp_server before v.3.18.3 allows...#7706
Conversation
There was a problem hiding this comment.
Pull request overview
Enhances an unreviewed advisory for smtp-server (GHSA-fv2f-rw9f-v9cm / CVE-2026-38728) with a richer summary, technical details, PoC, impact statement, and a populated affected package entry for the npm smtp-server package.
Changes:
- Added
summaryfield and expandeddetailswith Summary/Details/PoC/Impact sections. - Populated previously empty
affectedarray with the npmsmtp-serverpackage and a version range. - Bumped the
modifiedtimestamp.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the |
1b30352
into
blue2cat/advisory-improvement-7706
|
Hi @blue2cat! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future! |
Updates
Comments
The suggusted improvement adds PoC code and a more detailed description of the vulnerability.