GHSA-92j7-34x9-f3jw

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-92j7-34x9-f3jw/GHSA-92j7-34x9-f3jw.json

Aliases

CVE-2004-2650

Published

2022-04-29T03:01:51Z

Modified

2023-09-18T23:29:49Z

Details

Spooler in Apache Foundation James before 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.

References

https://nvd.nist.gov/vuln/detail/CVE-2004-2650
http://issues.apache.org/jira/browse/JAMES-268
http://james.apache.org/changelog.html
http://www.securityfocus.com/bid/15765

Affected packages

Maven / org.apache.james:james-server

Source Details

Package Name: org.apache.james:james-server

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2.2.0

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}