Skip to content

[GHSA-fv2f-rw9f-v9cm] An issue in Nodemailer smtp_server before v.3.18.3 allows...#7706

Merged
advisory-database[bot] merged 2 commits into
blue2cat/advisory-improvement-7706from
blue2cat-GHSA-fv2f-rw9f-v9cm
Jun 29, 2026
Merged

[GHSA-fv2f-rw9f-v9cm] An issue in Nodemailer smtp_server before v.3.18.3 allows...#7706
advisory-database[bot] merged 2 commits into
blue2cat/advisory-improvement-7706from
blue2cat-GHSA-fv2f-rw9f-v9cm

Conversation

@blue2cat

@blue2cat blue2cat commented May 15, 2026

Copy link
Copy Markdown

Updates

  • Affected products
  • Description
  • Summary

Comments
The suggusted improvement adds PoC code and a more detailed description of the vulnerability.

Copilot AI review requested due to automatic review settings May 15, 2026 21:52
@github-actions github-actions Bot changed the base branch from main to blue2cat/advisory-improvement-7706 May 15, 2026 21:53

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Enhances an unreviewed advisory for smtp-server (GHSA-fv2f-rw9f-v9cm / CVE-2026-38728) with a richer summary, technical details, PoC, impact statement, and a populated affected package entry for the npm smtp-server package.

Changes:

  • Added summary field and expanded details with Summary/Details/PoC/Impact sections.
  • Populated previously empty affected array with the npm smtp-server package and a version range.
  • Bumped the modified timestamp.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread advisories/unreviewed/2026/05/GHSA-fv2f-rw9f-v9cm/GHSA-fv2f-rw9f-v9cm.json Outdated

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

@github-actions

Copy link
Copy Markdown

👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.

@github-actions github-actions Bot added the Stale label Jun 19, 2026
@advisory-database advisory-database Bot merged commit 1b30352 into blue2cat/advisory-improvement-7706 Jun 29, 2026
7 of 8 checks passed
@advisory-database

Copy link
Copy Markdown
Contributor

Hi @blue2cat! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!

@advisory-database advisory-database Bot deleted the blue2cat-GHSA-fv2f-rw9f-v9cm branch June 29, 2026 22:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants