Lucene search
K

263 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/30 12:0 a.m.43 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 (RHSA-2023:1514)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1514 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8AI score0.99615EPSS
Exploits11References44
Tenable Nessus
Tenable Nessus
added 2023/03/30 12:0 a.m.104 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 (RHSA-2023:1512)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1512 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8AI score0.99615EPSS
Exploits11References44
RedHat Linux
RedHat Linux
added 2023/03/29 11:45 a.m.5 views

apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider

A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions...

5.5CVSS7.1AI score0.00271EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/03/29 11:44 a.m.90 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.2AI score0.99615EPSS
Exploits11References33
RedHat Linux
RedHat Linux
added 2023/03/29 11:44 a.m.5 views

apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider

A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions...

5.5CVSS7.1AI score0.00271EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/03/29 11:43 a.m.3 views

apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider

A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions...

5.5CVSS7.1AI score0.00271EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/03/14 7:43 p.m.52 views

CVE-2022-45787

A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions...

5.5CVSS5.4AI score0.00271EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/10 4:20 p.m.40 views

Security Bulletin: vulnerability in Apache James MIME4J (CVE-2022-45787) may affect TXSeries for Multiplatforms

Summary TXSeries for Multiplatforms has addressed a vulnerability in Apache James MIME4J CVE-2022-45787. Vulnerability Details CVEID:CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on...

5.5CVSS5.9AI score0.00271EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/10 4:18 p.m.35 views

Security Bulletin: vulnerability in Apache James MIME4J (CVE-2022-45787) may affect CICS TX Advanced

Summary CICS TX Advanced has addressed a vulnerability in Apache James MIME4J CVE-2022-45787. Vulnerability Details CVEID:CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the...

5.5CVSS5.9AI score0.00271EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/10 4:17 p.m.23 views

Security Bulletin: vulnerability in Apache James MIME4J (CVE-2022-45787) may affect CICS TX Standard

Summary CICS TX Standard has addressed a vulnerability in Apache James MIME4J CVE-2022-45787. Vulnerability Details CVEID:CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the...

5.5CVSS5.9AI score0.00271EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 3:1 p.m.31 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to information disclosure due to Apache James MIME4J (CVE-2022-45787)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to information disclosure due to Apache James MIME4J CVE-2022-45787 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products a...

5.5CVSS6.1AI score0.00271EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 2:58 p.m.26 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to information disclosure due to Apache James MIME4J (CVE-2022-45787)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to information disclosure due to Apache James MIME4J CVE-2022-45787 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products...

5.5CVSS6.1AI score0.00271EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/08 4:15 p.m.51 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to information disclosure due to Apache James MIME4J (CVE-2022-45787)

Summary There is a vulnerability in the Apache James MIME4J library used by IBM WebSphere Application Server Liberty when the feature restfulWS-3.0 is enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated...

5.5CVSS5.9AI score0.00271EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/01/11 12:0 a.m.27 views

Apache James licensing issue vulnerability

Apache James is an open source Smtp and Pop3 mail transfer agent and Nntp news server written entirely in Java from the Apache Foundation in the U.S. An authorization issue vulnerability exists in Apache James, which stems from a vulnerability in the MIME4J TempFileStorageProvider using improperl...

5.5CVSS2AI score0.00271EPSS
Exploits0References1
CNVD
CNVD
added 2023/01/11 12:0 a.m.24 views

Apache James Information Disclosure Vulnerability

Apache James is an open source Smtp and Pop3 mail transfer agent and Nntp news server written entirely in Java by the Apache Foundation. An attacker with local access could use this vulnerability to access private user data in transit...

5.5CVSS1.7AI score0.0036EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2023/01/06 10:1 p.m.42 views

CVE-2022-45935

Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions...

5.5CVSS5.1AI score0.0036EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2023/01/06 12:31 p.m.4 views

be.jidoka:jdk-keycloak-admin (>=2.0.0 <=2.5.0), cn.sparrowmini:sparrow-keycloak-adapter (>=0.0.1 <=0.0.2) +534 more potentially affected by CVE-2022-45787 via org.apache.james:apache-mime4j-storage (>=0.7 <=0.8.8)

org.apache.james:apache-mime4j-storage MAVEN version =0.7, =2.0.0, =0.0.1, =1.0, =0.5.8, =8.0.0, =1.7.0, =1.7.0, =1.7.0, =1.7.0, =1.7.0, =1.7.0, =1.7.0, =1.7.0, =1.7.0, =1.7.0, =2.0.0 and more Source cves: CVE-2022-45787 Source advisory: OSV:GHSA-Q84X-3476-8FF2...

5.5CVSS6.3AI score0.00271EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/01/06 12:31 p.m.28 views

Apache James server allows an attacker with local access to access private user data in transit

Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions...

5.5CVSS5.3AI score0.0036EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/01/06 12:31 p.m.41 views

Apache James MIME4J vulnerable to information disclosure to local users

Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later...

5.5CVSS5.4AI score0.00271EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/01/06 12:31 p.m.2 views

GHSA-Q84X-3476-8FF2 Apache James MIME4J vulnerable to information disclosure to local users

Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later...

5.5CVSS7AI score0.00271EPSS
Exploits0References6
Rows per page
Query Builder