Lucene search
PRIOn knowledge basePRION:CVE-2021-40110HistoryJan 04, 2022 - 9:15 a.m.
Design/Logic Flaw
2022-01-0409:15:00
PRIOn knowledge base
www.prio-n.com
4
0.002 Low
EPSS
Percentile
51.8%
In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enforce the use of RE2J regular expression engine to execute regex in linear time without back-tracking.
Related
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-01-05 05:54:16
github
github
Denial of Service in Apache James
2022-01-08 00:40:30
osv
osv
Denial of Service in Apache James
2022-01-08 00:40:30
CVE-2021-40110
2022-01-04 09:15:07
cnvd
cnvd
Apache James Denial of Service Vulnerability (CNVD-2022-02755)
2022-01-07 00:00:00
cvelist
cvelist
CVE-2021-40110 Apache James IMAP vulnerable to a ReDoS
2022-01-04 08:55:22
cve
cve
CVE-2021-40110
2022-01-04 09:15:07
nvd
nvd
CVE-2021-40110
2022-01-04 09:15:07