- Description
- Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals.
- Source
- security@apache.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
- security@apache.org
- CWE-20
- Hype score
- Not currently trending
🚨Alert🚨 CVE-2024-45626 && CVE-2024-37358: Apache James Mail Server Hit by Double Denial-of-Service Vulnerabilities 📊 4.3K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/jYpSXKefOU 👇Query HUNTER : https://t.co/q9rtuGfZuz="Apache J
@HunterMapping
7 Feb 2025
1597 Impressions
3 Retweets
15 Likes
3 Bookmarks
0 Replies
1 Quote
CVE-2024-37358 Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, whi… https://t.co/0LReirdE5K
@CVEnew
6 Feb 2025
380 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes