Lucene search
K

apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider

🗓️ 29 Mar 2023 11:43:38Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 2 Views

Apache James Mime4j TempFileStorageProvider may set unsafe permissions, enabling local access.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Data Replication on Cloud Pak for Data vulnerabile to Apache James MIME4J vulnerability
8 Nov 202312:47
ibm
IBM Security Bulletins
Security Bulletin: vulnerability in Apache James MIME4J (CVE-2022-45787) may affect TXSeries for Multiplatforms
10 Mar 202316:20
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to information disclosure due to Apache James MIME4J (CVE-2022-45787)
20 Feb 202315:01
ibm
IBM Security Bulletins
Security Bulletin: IBM PowerVM Novalink is vulnerable because Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. (CVE-2022-45787)
5 May 202313:19
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to information disclosure due to Apache James MIME4J (CVE-2022-45787)
8 Feb 202316:15
ibm
IBM Security Bulletins
Security Bulletin: Rational Performance Tester contains a vulnerability which could effect its use of the MIME4J library
15 Dec 202515:38
ibm
IBM Security Bulletins
Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities
26 Mar 202503:54
ibm
IBM Security Bulletins
Security Bulletin: IBM Sterling B2B Integrator is affected by sensitive information exposure due to Apache James MIME4J (CVE-2022-45787)
21 Nov 202316:40
ibm
IBM Security Bulletins
Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for May 2023
26 Jun 202316:40
ibm
IBM Security Bulletins
Security Bulletin: IBM Cognos Analytics is affected but not classified as vulnerable to vulnerabilities in IBM Websphere Application Server Liberty
27 Sep 202314:07
ibm
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux9noarcheap7-activemq-artemis-native1:1.0.2-3.redhat_00004.1.el9eapeap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch.rpm
Red Hat Enterprise Linux9noarcheap7-apache-mime4j0:0.8.9-1.redhat_00001.1.el9eapeap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch.rpm
Red Hat Enterprise Linux9x86_64eap7-artemis-native1:1.0.2-4.redhat_00004.1.el9eapeap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64.rpm
Red Hat Enterprise Linux9x86_64eap7-artemis-native-wildfly1:1.0.2-4.redhat_00004.1.el9eapeap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64.rpm
Red Hat Enterprise Linux9noarcheap7-artemis-wildfly-integration0:1.0.7-1.redhat_00001.1.el9eapeap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch.rpm
Red Hat Enterprise Linux9noarcheap7-infinispan0:11.0.17-1.Final_redhat_00001.1.el9eapeap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch.rpm
Red Hat Enterprise Linux9noarcheap7-infinispan-cachestore-jdbc0:11.0.17-1.Final_redhat_00001.1.el9eapeap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch.rpm
Red Hat Enterprise Linux9noarcheap7-infinispan-cachestore-remote0:11.0.17-1.Final_redhat_00001.1.el9eapeap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch.rpm
Red Hat Enterprise Linux9noarcheap7-infinispan-client-hotrod0:11.0.17-1.Final_redhat_00001.1.el9eapeap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch.rpm
Red Hat Enterprise Linux9noarcheap7-infinispan-commons0:11.0.17-1.Final_redhat_00001.1.el9eapeap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch.rpm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

28 Jun 2026 12:17Current
7.1High risk
Vulners AI Score7.1
CVSS 3.15.5
EPSS0.00271
SSVC
2