Vulnerabilities > Apache > James Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-20 | CVE-2017-12628 | Deserialization of Untrusted Data vulnerability in Apache James Server 2.3.2/2.3.2.1/3.0.0 The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. | 7.8 |
| 2016-06-07 | CVE-2015-7611 | OS Command Injection vulnerability in Apache James Server 2.3.2 Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors. | 8.1 |