CVE-2020-13625

Priority
Description
PHPMailer before 6.1.6 contains an output escaping bug when the name of a
file attachment contains a double quote character. This can result in the
file type being misinterpreted by the receiver or any mail relay processing
the message.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):released (5.2.14+dfsg-2.3+deb9u2build0.18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):not-affected
Ubuntu 20.10 (Groovy Gorilla):not-affected (6.1.6-1)
More Information

Updated: 2020-09-16 18:15:16 UTC (commit b1fba861d75a9d07d8086470f9dd5cf7b82db40a)