Security
Headlines

Headlines Latest CVEs

Headline

GHSA-v6vp-62vc-84qw: Apache James server allows an attacker with local access to access private user data in transit

Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions.

1 year ago

Apache James server allows an attacker with local access to access private user data in transit

Moderate severity GitHub Reviewed Published Jan 6, 2023 • Updated Jan 9, 2023

Related news

Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions.

1 year ago

ghsa: Latest News

GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails

2 days ago

GHSA-jwcm-9g39-pmcw: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts

2 days ago

GHSA-55v3-xh23-96gh: `auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace

2 days ago

GHSA-j6vm-4r7g-x4gr: Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications

2 days ago

GHSA-6q3q-6v5j-h6vg: Querydsl vulnerable to HQL injection trough orderBy

2 days ago