10 matches found
PT-2026-45895
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=515796208 Crash type: Security exception Crash state: com.code intelligence.jazzer.sanitizers.RegexInjection.hookInternal com.code intelligence.jazzer.sanitizers.RegexInjection.patternHook...
OSV-2026-341 Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488745540 Crash type: Security exception Crash state: com.codeintelligence.jazzer.sanitizers.RegexInjection.hookInternal com.codeintelligence.jazzer.sanitizers.RegexInjection.patternHook...
OSV-2025-1004 Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=470469212 Crash type: Security exception Crash state: com.codeintelligence.jazzer.sanitizers.RegexInjection.hookInternal com.codeintelligence.jazzer.sanitizers.RegexInjection.patternHook...
OSV-2022-764 Security exception in org.apache.commons.jxpath.ri.compiler.CoreOperation.parenthesize
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50458 Crash type: Security exception Crash state: org.apache.commons.jxpath.ri.compiler.CoreOperation.parenthesize org.apache.commons.jxpath.ri.compiler.CoreOperation.toString...
Infinite Loop in Apache James
In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user nee...
GHSA-R58X-WJG8-63M9 Denial of Service in Apache James
In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enforce the use of...
Denial of Service in Apache James
In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enforce the use of...
Design/Logic Flaw
In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enforce the use of...
CVE-2021-40111 Apache James IMAP parsing Denial Of Service
In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user nee...
CVE-2021-40110 Apache James IMAP vulnerable to a ReDoS
In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enforce the use of...