Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-21742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add...

5.3CVSS6.7AI score0.01082EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/04 2:41 p.m.56 views

Security Bulletin: Apache James and Bouncy Castle vulnerabilities in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2023-33202,CVE-2024-21742,CVE-2024-29857,CVE-2024-30172,CVE-2024-34447)

Summary There are potential denial of service and bypass security restrictions vulnerabilities in Apache James Mime4J and Bouncy Castle Crypto Package, which are used by Apache Solr and Logstash in IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-34447 DESCRIPTION: The...

7.5CVSS7.2AI score0.011EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.42 views

Oracle Primavera Unifier (Jul 2024 CPU)

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Integration Apache James MIME4J. Supported versio...

8.1CVSS6.5AI score0.01191EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/05 3:16 p.m.33 views

Security Bulletin: IBM Datapower Operations Dashboard could allow unintended headers to MIME messages CVE-2024-21742

Summary Apache James Mime4J is used by the IBM Datapower Operations Dashboard stream parsing implementation. Vulnerability Details CVEID:CVE-2024-21742 DESCRIPTION: Apache James Mime4J could allow a remote attacker to bypass security restrictions, caused by improper input validation. By sending a...

5.3CVSS7.6AI score0.01082EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/16 8:23 p.m.42 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information CVE-2024-28849,...

9.8CVSS10AI score0.08515EPSS
Exploits13Affected Software1
OSV
OSV
added 2024/04/19 11:7 a.m.3 views

OESA-2024-1477 apache-mime4j security update

Java stream based MIME message parser. Security Fixes: Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages. CVE-2024-21742...

5.3CVSS7.3AI score0.01082EPSS
Exploits0References2
OSV
OSV
added 2024/04/19 11:7 a.m.3 views

OESA-2024-1476 apache-mime4j security update

Java stream based MIME message parser. Security Fixes: Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages. CVE-2024-21742...

5.3CVSS7.3AI score0.01082EPSS
Exploits0References2
OSV
OSV
added 2024/04/19 11:7 a.m.3 views

OESA-2024-1478 apache-mime4j security update

Java stream based MIME message parser. Security Fixes: Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages. CVE-2024-21742...

5.3CVSS7.3AI score0.01082EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/02/27 6:31 p.m.9 views

ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), au.com.turingg:turingg-files (=0.0.1) +1172 more potentially affected by CVE-2024-21742 via org.apache.james:apache-mime4j-core (>=0.7 <=0.8.1)

org.apache.james:apache-mime4j-core MAVEN version =0.7, =1.3, =1.0.1, =3.00.4, =3.00.3, =4.00.10, =3.6.1, =3.11.0, =0.1, =1.2.3, =1.1, =0.3, =0.2, =0.3 and more Source cves: CVE-2024-21742 Source advisory: OSV:GHSA-JW7R-RXFF-GV24...

5.3CVSS6.7AI score0.01082EPSS
Exploits0
Wolfi
Wolfi
added 2024/02/27 5:15 p.m.67 views

CVE-2024-21742 vulnerabilities

Vulnerabilities for packages: opensearch, keycloak...

5.3CVSS6.7AI score0.01082EPSS
Exploits0
OSV
OSV
added 2024/02/27 5:15 p.m.8 views

CVE-2024-21742

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages...

5.3CVSS5.2AI score
Exploits0References2
CVE
CVE
added 2024/02/27 4:21 p.m.8550 views

CVE-2024-21742

CVE-2024-21742: IBM/connected IBM products show a vulnerability due to improper input validation in MIME4J DOM, enabling header injection in MIME messages. Affected: IBM API Connect v12 OnPrem 12.1.0.0 (per IBM bulletin); remediation: upgrade to 12.1.0.1. Other IBM docs also reference this CVE in...

5.3CVSS6.6AI score0.01082EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder