CVE-2022-28220

CVE-2022-28220

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests.

Source: CVE-2022-28220

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다