Every CVE whose affected-product data names Apache James Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-37358 — CVSS 8.6 (high): Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and…
CVE-2015-7611 — CVSS 8.1 (high): Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via…
CVE-2017-12628 — CVSS 7.8 (high): The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be…
CVE-2024-45626 — CVSS 6.5 (medium): Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption…