Lucene search
ApacheCVELIST:CVE-2021-40525HistoryJan 04, 2022 - 8:55 a.m.
CVE-2021-40525 Sieve file storage vulnerable to path traversal attacks
2022-01-0408:55:25
CWE-22
apache
www.cve.org
1
Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.
CNA Affected
[
{
"product": "Apache James",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.6.0",
"status": "affected",
"version": "Apache James",
"versionType": "custom"
}
]
}
]Related
prion
prion
Path traversal
2022-01-04 09:15:00
Design/Logic Flaw
2022-02-07 19:15:00
osv
osv
CVE-2021-40525
2022-01-04 09:15:07
Path traversal in Apache James
2022-01-21 23:36:47
Path Traversal in Apache James Server
2022-02-08 00:00:34
github
github
Path traversal in Apache James
2022-01-21 23:36:47
Path Traversal in Apache James Server
2022-02-08 00:00:34
cve
cve
CVE-2021-40525
2022-01-04 09:15:07
CVE-2022-22931
2022-02-07 19:15:08
nvd
nvd
CVE-2021-40525
2022-01-04 09:15:07
CVE-2022-22931
2022-02-07 19:15:08
cnvd
cnvd
Apache James path traversal vulnerability
2022-01-06 00:00:00
veracode
veracode
Path Traversal
2022-01-05 13:23:53
cvelist
cvelist
CVE-2022-22931 Path traversal in Apache James 3.6.1
2022-02-07 18:50:10