Lucene search
China National Vulnerability DatabaseCNVD-2022-01767HistoryJan 07, 2022 - 12:00 a.m.
Apache James Command Injection Vulnerability
2022-01-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.001 Low
EPSS
Percentile
34.6%
Apache James is an open source Smtp and Pop3 mail transfer agent and Nntp news server written entirely in Java by the Apache Foundation. Apache James 3.6.1 is vulnerable to a command injection vulnerability that could be exploited by attackers to perform a man-in-the-middle command injection attack, resulting in the disclosure of sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache james | eq | 3.6.1 |
Related
github
github
Command Injection in Apache James
2022-01-08 00:40:33
Apache James vulnerable to buffering attack
2022-09-09 00:00:57
cve
cve
CVE-2021-38542
2022-01-04 09:15:07
CVE-2022-28220
2022-09-08 08:15:07
nvd
nvd
CVE-2021-38542
2022-01-04 09:15:07
CVE-2022-28220
2022-09-08 08:15:07
osv
osv
Command Injection in Apache James
2022-01-08 00:40:33
CVE-2021-38542
2022-01-04 09:15:07
Apache James vulnerable to buffering attack
2022-09-09 00:00:57
veracode
veracode
Information Disclosure
2022-01-05 17:31:14
prion
prion
Command injection
2022-01-04 09:15:00
Command injection
2022-09-08 08:15:00
cvelist
cvelist
CVE-2021-38542 Apache James vulnerable to STARTTLS command injection (IMAP and POP3)
2022-01-04 08:55:21
CVE-2022-28220 STARTTLS command injection in Apache JAMES
2022-09-08 07:40:09