Описание
Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions.
We recommend users to upgrade to MIME4j version 0.8.9 or later.
Ссылки
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.8.9 (исключая)
cpe:2.3:a:apache:james:*:*:*:*:mime4j:*:*:*
EPSS
Процентиль: 1%
0.00008
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-312
CWE-312
CWE-312
Связанные уязвимости
CVSS3: 5.5
redhat
около 3 лет назад
Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later.
CVSS3: 5.5
github
около 3 лет назад
Apache James MIME4J vulnerable to information disclosure to local users
EPSS
Процентиль: 1%
0.00008
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-312
CWE-312
CWE-312