VYPR
Moderate severityNVD Advisory· Published Jan 6, 2023· Updated Apr 10, 2025

Apache James server: Temporary File Information Disclosure

CVE-2022-45935

Description

Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit.

Vulnerable components includes the SMTP stack and IMAP APPEND command.

This issue affects Apache James server version 3.7.2 and prior versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.james:james-serverMaven
<= 3.7.2

Affected products

10

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.