This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
038a5808-24b3-11e5-b0c8-bf4d8935d4fa | roundcube -- multiple vulnerabilities Roundcube reports:
Discovery 2015-05-30 Entry 2015-07-07 roundcube ge 1.1.0,1 lt 1.1.2,1 < 1.0.6,1 CVE-2015-5381 CVE-2015-5383 http://openwall.com/lists/oss-security/2015/07/06/10 https://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released/ |
125f5958-b611-11e6-a9a5-b499baebfeaf | Roundcube -- arbitrary command execution The Roundcube project reports
Discovery 2016-11-29 Entry 2016-11-29 Modified 2016-12-14 roundcube < 1.2.3,1 CVE-2016-9920 94858 http://www.openwall.com/lists/oss-security/2016/12/08/17 https://github.com/roundcube/roundcubemail/wiki/Changelog#release-123 |
35c0b572-125a-11de-a964-0030843d3802 | roundcube -- webmail script insertion and php code injection Secunia reports:
Discovery 2009-01-21 Entry 2009-03-16 Modified 2009-03-26 roundcube < 0.2.1,1 CVE-2009-0413 http://secunia.com/advisories/33622/ http://sourceforge.net/forum/forum.php?forum_id=927958 http://trac.roundcube.net/changeset/2245 http://trac.roundcube.net/ticket/1485689 |
42a4d82d-4603-11ec-8be6-d4c9ef517024 | Roundcube -- Multiple vulnerabilities The Roundcube project reports:
Discovery 2021-11-12 Entry 2021-11-15 roundcube < 1.4.12,1 https://roundcube.net/news/2021/11/12/security-updates-1.4.12-and-1.3.17-released |
47197b47-6a1a-11ec-8be6-d4c9ef517024 | Roundcube -- XSS vulnerability The Roundcube project reports:
Discovery 2021-12-30 Entry 2021-12-31 roundcube < 1.5.2,1 https://roundcube.net/news/2021/12/30/update-1.5.2-released |
48894ca9-3e6f-11e8-92f0-f0def167eeea | roundcube -- IMAP command injection vulnerability Upstream reports:
Discovery 2018-04-11 Entry 2018-04-13 roundcube le 1.3.5,1 CVE-2018-9846 https://roundcube.net/news/2018/04/11/security-update-1.3.6 |
4ae68e7c-dda4-11e0-a906-00215c6a37bb | roundcube -- XSS vulnerability RoundCube development Team reports:
and:
Discovery 2011-08-09 Entry 2011-09-13 roundcube < 0.5.4,1 CVE-2011-2937 |
8f483746-d45d-11dd-84ec-001fc66e7203 | roundcube -- remote execution of arbitrary code Entry for CVE-2008-5619 says:
Discovery 2008-12-12 Entry 2008-12-30 roundcube < 0.2.b2,1 CVE-2008-5619 http://trac.roundcube.net/ticket/1485618 |
97e86d10-2ea7-11e6-ae88-002590263bf5 | roundcube -- XSS vulnerability Roundcube reports:
Discovery 2016-05-06 Entry 2016-06-10 roundcube < 1.1.5_1,1 CVE-2016-5103 ports/209841 https://github.com/roundcube/roundcubemail/issues/5240 http://seclists.org/oss-sec/2016/q2/414 |
a592e991-a919-11e2-ade0-8c705af55518 | roundcube -- arbitrary file disclosure vulnerability RoundCube development team reports:
Discovery 2013-03-27 Entry 2013-04-19 roundcube < 0.8.6,1 CVE-2013-1904 https://secunia.com/advisories/52806/ |
bce47c89-4d3f-11e7-8080-a4badb2f4699 | roundcube -- arbitrary password resets Roundcube reports:
Discovery 2017-04-28 Entry 2017-06-09 roundcube < 1.2.5,1 https://roundcube.net/news/2017/04/28/security-updates-1.2.5-1.1.9-and-1.0.11 CVE-2017-8114 |
c906e0a4-efa6-11e1-8fbf-001b77d09812 | roundcube -- cross-site scripting in HTML email messages RoundCube branch 0.8.x prior to the version 0.8.1 is prone to the cross-scripting attack (XSS) originating from incoming HTML e-mails: due to the lack of proper sanitization of JavaScript code inside the "href" attribute, sender could launch XSS attack when recipient opens the message in RoundCube interface. Discovery 2012-08-14 Entry 2012-08-27 roundcube ge 0.8.0,1 lt 0.8.1,1 CVE-2012-3508 http://trac.roundcube.net/wiki/Changelog http://trac.roundcube.net/ticket/1488613 |
f622608c-c53c-11e7-a633-009c02a2ab30 | roundcube -- file disclosure vulnerability MITRE reports:
Discovery 2017-11-06 Entry 2017-11-11 Modified 2017-12-31 roundcube < 1.3.3,1 https://github.com/roundcube/roundcubemail/issues/6026 https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10 CVE-2017-16651 ports/223557 |