Apache · Apache James Server · CVE-2024-45626
**Name of the Vulnerable Software and Affected Versions**
Apache James server versions prior to 3.7.6
Apache James server versions prior to 3.8.2
**Description**
The issue is related to the JMAP HTML to text plain implementation, which is subject to unbounded memory consumption, potentially resulting in a denial of service.
**Recommendations**
Apache James server versions prior to 3.7.6: Upgrade to version 3.7.6 to fix the issue.
Apache James server versions prior to 3.8.2: Upgrade to version 3.8.2 to fix the issue.