2 matches found
CVE-2021-40111
In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user nee...
CVE-2021-40111
CVE-2021-40111 describes a DoS in Apache James where crafted IMAP APPEND and STATUS commands can trigger infinite loops in the IMAP parsing stack, causing high CPU load and OutOfMemory errors. Exploitation requires authentication and affects Apache James versions prior to 3.6.1. The issue was pat...