PT-2023-14754 · Apache · Mime4J

Jonathan Leitschuh

Published

2023-01-06

Updated

2025-09-26

CVE-2022-45787

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apache James MIME4J versions prior to 0.8.9

Description Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users.

Recommendations For Apache James MIME4J versions prior to 0.8.9, upgrade to MIME4j version 0.8.9 or later.

Fix

Information Disclosure

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-312

Related Identifiers

CVE-2022-45787

GHSA-Q84X-3476-8FF2

OESA-2025-2296

OESA-2025-2343

OESA-2025-2344

OESA-2025-2345

OESA-2025-2346

OESA-2025-2347

RHSA-2023:1512

RHSA-2023:1513

RHSA-2023:1514

RHSA-2023:2705

RHSA-2023:2706

RHSA-2023:2707

Affected Products

Mime4J

PT-2023-14754 · Apache · Mime4J

CVE-2022-45787

Weakness Enumeration

Related Identifiers

Affected Products

References · 23