Lucene search
+L

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6956

Malicious code in bioql PyPI...

7.5CVSS6AI score0.01782EPSS
Exploits0References4
OSV
OSV
added 2022/09/09 12:0 a.m.20 views

GHSA-W45J-F5G5-W94X Apache James vulnerable to buffering attack

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...

7.5CVSS5.7AI score0.01782EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/09/09 12:0 a.m.41 views

Apache James vulnerable to buffering attack

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...

7.5CVSS5.9AI score0.01782EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2022/09/08 8:15 a.m.23 views

Command injection

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...

5CVSS5.8AI score0.02347EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/01/04 9:15 a.m.20 views

CVE-2021-38542

Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information...

5.9CVSS7.1AI score
Exploits0References3
Cvelist
Cvelist
added 2022/01/04 8:55 a.m.43 views

CVE-2021-38542 Apache James vulnerable to STARTTLS command injection (IMAP and POP3)

Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information...

7AI score0.02347EPSS
Exploits0References3
CVE
CVE
added 2022/01/04 8:55 a.m.134 views

CVE-2021-38542

CVE-2021-38542 concerns Apache James vulnerable to a buffering attack via STARTTLS. The core issue is in the handling of STARTTLS that could enable a MITM-related command injection and leakage of sensitive information. Multiple sources corroborate the STARTTLS-related buffering behavior and note ...

5.9CVSS6.1AI score0.02347EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder