Xavier Guimard

**Name of the Vulnerable Software and Affected Versions** Apache James versions prior to 3.7.6 Apache James versions prior to 3.8.2 **Description** Apache James is susceptible to a denial of service through the misuse of IMAP literals by both authenticated and unauthenticated users. This could lead to unbounded memory allocation and prolonged computations. **Recommendations** For Apache James version prior to 3.7.6, update to version 3.7.6 to restrict illegitimate use of IMAP literals. For Apache James version prior to 3.8.2, update to version 3.8.2 to mitigate the issue.