Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions.
We recommend users to upgrade to MIME4j version 0.8.9 or later.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/26s8p9stl1z261c4qw15bsq03tt7t0rj | Mailing List Vendor Advisory |
Configurations
History
07 Nov 2023, 03:54
Type | Values Removed | Values Added |
---|---|---|
Summary | Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later. |
Information
Published : 2023-01-06 10:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-45787
Mitre link : CVE-2022-45787
CVE.ORG link : CVE-2022-45787
JSON object : View
Products Affected
apache
- james
CWE
CWE-312
Cleartext Storage of Sensitive Information