CVE-2022-45787
Summary
| CVE | CVE-2022-45787 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-01-06 10:15:00 UTC |
| Updated | 2023-11-07 03:54:00 UTC |
| Description | Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later. |
Risk And Classification
Problem Types: CWE-312
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| lists.apache.org/thread/26s8p9stl1z261c4qw15bsq03tt7t0rj | MISC | lists.apache.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 241301 Red Hat Update for JBoss Enterprise Application Platform 7.4.1 on RHEL 7 (RHSA-2023:1512)
- 241302 Red Hat Update for JBoss Enterprise Application Platform 7.4.1 on RHEL 8 (RHSA-2023:1513)
- 241303 Red Hat Update for JBoss Enterprise Application Platform 7.4.1 on RHEL 9 (RHSA-2023:1514)
- 378241 IBM WebSphere Application Server Liberty Information Disclosure Vulnerability (6953779)
- 378917 IBM Cognos Analytics Multiple Vulnerabilities (7040744)