Lucene search
+L

608 matches found

Snyk
Snyk
added 2025/02/06 12:31 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the JsoupHtmlTextExtractor function. An attacker can cause unbounded memory consumption leading to a denial of service by sending crafted HTML content that triggers excessive memory allocation. Details Denial o...

7.5CVSS7.5AI score0.00769EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/06 12:31 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS through the abuse of IMAP literals. An attacker can cause unbounded memory allocation and very long computations by sending specially crafted IMAP literals. Details Denial of Service DoS describes a family of...

8.7CVSS7.1AI score0.00856EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/02/06 12:31 p.m.6 views

org.apache.james.examples:custom-james-assembly (>=3.7.0 <=3.7.5), org.apache.james:apache-james (=3.0-beta4) +22 more potentially affected by CVE-2024-37358 via org.apache.james:james-server-protocols-imap4 (>=3.0-beta4 <=3.7.5)

org.apache.james:james-server-protocols-imap4 MAVEN version =3.0-beta4, =3.7.0, =3.0.0, =3.4.0, =3.0.0, =3.7.0, =3.0.0, =3.0.0, =3.3.0, =3.3.0, =3.7.0, =3.7.0, =3.0.0, =3.7.5 and more Source cves: CVE-2024-37358 Source advisory: SNYK:JAVA-ORGAPACHEJAMES-8689864...

8.6CVSS5.8AI score0.00856EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/02/06 12:31 p.m.8 views

org.apache.james.examples:custom-imap (>=3.8.0 <=3.8.1), org.apache.james.examples:custom-james-assembly (>=3.8.0 <=3.8.1) +13 more potentially affected by CVE-2024-37358 via org.apache.james:james-server-protocols-imap4 (>=3.8.0 <=3.8.1)

org.apache.james:james-server-protocols-imap4 MAVEN version =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.1 Source cves: CVE-2024-37358 Source advisory:...

8.6CVSS5.8AI score0.00856EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/02/06 12:31 p.m.7 views

org.apache.james.examples:custom-imap (>=3.8.0 <=3.8.1), org.apache.james.examples:custom-james-assembly (>=3.8.0 <=3.8.1) +15 more potentially affected by CVE-2024-37358 via org.apache.james.protocols:protocols-imap (>=3.8.0 <=3.8.1)

org.apache.james.protocols:protocols-imap MAVEN version =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.1 and more Source cves: CVE-2024-37358 Source advisory: OSV:GHSA-56JP-W6VW-J3JW...

8.6CVSS5.8AI score0.00856EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/02/06 12:31 p.m.15 views

org.apache.james.examples:custom-james-assembly (>=3.7.0 <=3.7.5), org.apache.james:apache-james-mpt-antlib (>=3.0.0 <=3.0.1) +31 more potentially affected by CVE-2024-37358 via org.apache.james.protocols:protocols-imap (>=3.0.0-RC1 <=3.7.5)

org.apache.james.protocols:protocols-imap MAVEN version =3.0.0-RC1, =3.7.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.4.0, =3.0.0, =3.0.0, =3.7.0, =3.0.0, =3.0.0, =3.6.2 and more Source cves: CVE-2024-37358 Source advisory: OSV:GHSA-56JP-W6VW-J3JW...

8.6CVSS5.8AI score0.00856EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/02/06 12:31 p.m.5 views

org.apache.james.examples:custom-james-assembly (>=3.8.0 <=3.8.1), org.apache.james:apache-james-mpt-smtp-cassandra (>=3.8.0 <=3.8.1) +14 more potentially affected by CVE-2024-45626 via org.apache.james:james-server-jmap-draft (>=3.8.0 <=3.8.1)

org.apache.james:james-server-jmap-draft MAVEN version =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.0, =3.8.1 and more Source cves: CVE-2024-45626 Source advisory:...

7.5CVSS5.8AI score0.00769EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/02/06 12:31 p.m.13 views

Apache James vulnerable to denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...

8.6CVSS6.4AI score0.00856EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/02/06 12:31 p.m.17 views

Apache James vulnerable to denial of service through JMAP HTML to text conversion

Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue...

7.5CVSS6.6AI score0.00769EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2025/02/06 12:31 p.m.3 views

GHSA-56JP-W6VW-J3JW Apache James vulnerable to denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...

8.6CVSS5.9AI score0.00856EPSS
Exploits0References5
OSV
OSV
added 2025/02/06 12:31 p.m.6 views

GHSA-57M2-H3FW-RXHW Apache James vulnerable to denial of service through JMAP HTML to text conversion

Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue...

7.5CVSS5.8AI score0.00769EPSS
Exploits0References7
NVD
NVD
added 2025/02/06 12:15 p.m.12 views

CVE-2024-45626

Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue...

7.5CVSS0.00769EPSS
Exploits0References2
NVD
NVD
added 2025/02/06 12:15 p.m.11 views

CVE-2024-37358

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...

8.6CVSS0.00856EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/06 11:22 a.m.30 views

CVE-2024-37358 Apache James: denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...

8.6CVSS0.00856EPSS
Exploits0References1
CVE
CVE
added 2025/02/06 11:22 a.m.85 views

CVE-2024-37358

Technical details about CVE-2024-37358 (affected software, impact, and fixes) are not provided in the connected documents. Monitor for updates.

8.6CVSS8.3AI score0.00856EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/06 11:22 a.m.1 views

CVE-2024-37358 Apache James: denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...

8.6CVSS6.1AI score0.00856EPSS
Exploits0References1
OSV
OSV
added 2025/02/06 11:22 a.m.2 views

CVE-2024-37358 Apache James: denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...

8.6CVSS7.1AI score0.00856EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/06 11:21 a.m.21 views

CVE-2024-45626 Apache James: denial of service through JMAP HTML to text conversion

Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue...

6.5CVSS0.00769EPSS
Exploits0References1
CVE
CVE
added 2025/02/06 11:21 a.m.78 views

CVE-2024-45626

CVE-2024-45626 affects Apache James server JMAP: the HTML-to-text conversion path can cause unbounded memory growth, leading to denial of service. Affected versions are those below 3.8.2 and 3.7.6. The recommended remediations are upgrades to 3.7.6, 3.8.2, or newer. The issue is caused by unbound...

7.5CVSS6.4AI score0.00769EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/02/06 11:21 a.m.8 views

CVE-2024-45626 Apache James: denial of service through JMAP HTML to text conversion

Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue...

6.5CVSS7AI score0.00769EPSS
Exploits0References4
Rows per page
Query Builder