Количество 2
Количество 2
CVE-2022-28220
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests.
GHSA-w45j-f5g5-w94x
Apache James vulnerable to buffering attack
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-28220 Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests. | CVSS3: 7.5 | 2% Низкий | больше 3 лет назад |
| GHSA-w45j-f5g5-w94x Apache James vulnerable to buffering attack | CVSS3: 7.5 | 2% Низкий | больше 3 лет назад |
Уязвимостей на страницу