Lucene search
+L

7 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-1194

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.01761EPSS
Exploits0References6
redhatcve
redhatcve
added 2025/05/23 12:45 a.m.14 views

CVE-2022-22931

Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...

9.1CVSS6.6AI score0.03706EPSS
Exploits0References1
osv
osv
added 2022/02/08 12:0 a.m.36 views

GHSA-V84G-CF5J-XJQX Path Traversal in Apache James Server

Apache James Server prior to version 3.6.2 contains a path traversal vulnerability. The fix for CVE-2021-40525 does not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users...

4.3CVSS6.4AI score0.01761EPSS
Exploits0References6
prion
prion
added 2022/02/07 7:15 p.m.22 views

Design/Logic Flaw

Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...

4CVSS6.4AI score0.03706EPSS
Exploits0References2Affected Software1
osv
osv
added 2022/01/04 9:15 a.m.22 views

CVE-2021-40525

Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based produc...

9.1CVSS6.6AI score
Exploits0References3
cvelist
cvelist
added 2022/01/04 8:55 a.m.33 views

CVE-2021-40525 Sieve file storage vulnerable to path traversal attacks

Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based produc...

6.9AI score0.03706EPSS
Exploits0References3
cve
cve
added 2022/01/04 8:55 a.m.114 views

CVE-2021-40525

The CVE-2021-40525 path traversal affects Apache James Server, specifically the maildir mailbox store and Sieve file repository. The underlying issue allows reading/writing files due to delimiter handling during directory validation, enabling access to other users’ data stores when user names are...

9.1CVSS6.4AI score0.03706EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder