OESA-2024-1333

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1333

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2024-1333.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2024-1333

Upstream

CVE-2024-21742

Published

2024-03-29T11:07:19Z

Modified

2025-08-12T05:25:06.460526Z

Summary

apache-mime4j security update

Details

Java stream based MIME message parser.

Security Fix(es):

Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages. (CVE-2024-21742)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:22.03-LTS-SP3 / apache-mime4j

Package

Name: apache-mime4j
Purl: pkg:rpm/openEuler/apache-mime4j&distro=openEuler-22.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.3-2.oe2203sp3

Ecosystem specific

{
    "src": [
        "apache-mime4j-0.8.3-2.oe2203sp3.src.rpm"
    ],
    "noarch": [
        "apache-mime4j-0.8.3-2.oe2203sp3.noarch.rpm",
        "apache-mime4j-javadoc-0.8.3-2.oe2203sp3.noarch.rpm"
    ]
}