7 matches found
EUVD-2022-6956
Malicious code in bioql PyPI...
GHSA-W45J-F5G5-W94X Apache James vulnerable to buffering attack
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...
Apache James vulnerable to buffering attack
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...
Command injection
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...
CVE-2021-38542
Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information...
CVE-2021-38542 Apache James vulnerable to STARTTLS command injection (IMAP and POP3)
Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information...
CVE-2021-38542
CVE-2021-38542 concerns Apache James vulnerable to a buffering attack via STARTTLS. The core issue is in the handling of STARTTLS that could enable a MITM-related command injection and leakage of sensitive information. Multiple sources corroborate the STARTTLS-related buffering behavior and note ...