Lucene search
Veracode Vulnerability DatabaseVERACODE:33523HistoryJan 05, 2022 - 1:23 p.m.
Path Traversal
2022-01-0513:23:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.002 Low
EPSS
Percentile
55.3%
org.apache.james:apache-james-mailbox-maildir is vulnerable to path traversal. Improper validations in underlying file names allow remote attackers to inject relative paths to read and write files on any location.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache james :: mailbox :: maildir | le | 3.6.0 | |
| apache james :: mailbox :: maildir | le | 3.6.0 |
References
www.openwall.com/lists/oss-security/2022/01/04/4
www.openwall.com/lists/oss-security/2022/02/07/1
github.com/apache/james-project/commit/c019c349f9cb2dc6e767e71ea26cb1789ec482f9
github.com/apache/james-project/pull/659
issues.apache.org/jira/browse/JAMES-3646
www.openwall.com/lists/oss-security/2022/01/04/4
www.openwall.com/lists/oss-security/2022/01/04/4
Related
cve
cve
CVE-2021-40525
2022-01-04 09:15:07
CVE-2022-22931
2022-02-07 19:15:08
nvd
nvd
CVE-2021-40525
2022-01-04 09:15:07
CVE-2022-22931
2022-02-07 19:15:08
prion
prion
Path traversal
2022-01-04 09:15:00
Design/Logic Flaw
2022-02-07 19:15:00
cvelist
cvelist
CVE-2021-40525 Sieve file storage vulnerable to path traversal attacks
2022-01-04 08:55:25
CVE-2022-22931 Path traversal in Apache James 3.6.1
2022-02-07 18:50:10
osv
osv
CVE-2021-40525
2022-01-04 09:15:07
Path traversal in Apache James
2022-01-21 23:36:47
Path Traversal in Apache James Server
2022-02-08 00:00:34
github
github
Path traversal in Apache James
2022-01-21 23:36:47
Path Traversal in Apache James Server
2022-02-08 00:00:34
cnvd
cnvd
Apache James path traversal vulnerability
2022-01-06 00:00:00