CVE-2024-45626
published 2025-02-06CVE-2024-45626: Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service.
Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | james_server | < 3.7.6 | 3.7.6 |
| apache | james_server | >= 3.8.0 < 3.8.2 | 3.8.2 |
| apache_software_foundation | apache_james_server | <= 3.7.5 | — |
| apache_software_foundation | apache_james_server | 3.8.0 – 3.8.1 | — |