DirectorySecurity Advisories
Sign In
Security Advisories

CGA-v4c7-87qg-mw2m

Published

Last updated

https://images.chainguard.dev/security/CGA-v4c7-87qg-mw2m
Package

keycloak

Latest Update
Not affected
Aliases
  • CVE-2022-28220
  • GHSA-w45j-f5g5-w94x

Severity

7.5

High

CVSS V3

Summary

Apache James vulnerable to buffering attack

Description

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation