VYPR

James

by Apache

Source repositories

CVEs (3)

  • CVE-2019-0228CriApr 17, 2019
    risk 0.64cvss 9.8epss 0.09

    Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.

  • CVE-2006-2806Jun 5, 2006
    risk 0.01cvss epss 0.06

    The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.

  • CVE-2004-2650Dec 31, 2004
    risk 0.00cvss epss 0.01

    Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.