VYPR
Moderate severityNVD Advisory· Published Jul 21, 2025· Updated Nov 4, 2025

CVE-2025-7962

CVE-2025-7962

Description

In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate different messages.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.eclipse.angus:smtpMaven
< 2.0.42.0.4
com.sun.mail:jakarta.mailMaven
< 1.6.81.6.8
com.sun.mail:jakarta.mailMaven
>= 2.0.0, < 2.0.22.0.2

Affected products

69

Patches

Vulnerability mechanics

References

9

News mentions

1