Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    249 vulnerabilities by horde

    CVE-2026-60102 (GCVE-0-2026-60102)

    Vulnerability from nvd – Published: 2026-07-08 16:25 – Updated: 2026-07-14 22:03 X_Open Source
    VLAI
    Title
    Horde VFS < 3.0.1 OS Command Injection via Horde_Vfs_Smb Driver
    Summary
    Horde Virtual File System (VFS) API before 3.0.1 contains an OS command injection vulnerability in the Horde_Vfs_Smb driver where the _escapeShellCommand() method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled filenames. Attackers can supply malicious filenames containing unescaped command substitution payloads through operations such as file upload, folder creation, rename, or deletion, which are interpolated into a double-quoted shell context and executed via proc_open() through /bin/sh -c before smbclient runs, resulting in arbitrary command execution on the underlying system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    horde Vfs Affected: 0 , < 3.0.1 (semver)
    Create a notification for this product.
    Date Public
    2026-07-08 00:00
    Credits
    Hacker Fantastic
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60102",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-08T17:40:35.903444Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-08T19:34:10.535Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageURL": "pkg:github/horde/Vfs",
              "product": "Vfs",
              "repo": "https://github.com/horde/Vfs",
              "vendor": "horde",
              "versions": [
                {
                  "lessThan": "3.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Hacker Fantastic"
            }
          ],
          "datePublic": "2026-07-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Virtual File System (VFS) API before 3.0.1 contains an OS command injection vulnerability in the Horde_Vfs_Smb driver where the _escapeShellCommand() method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled filenames. Attackers can supply malicious filenames containing unescaped command substitution payloads through operations such as file upload, folder creation, rename, or deletion, which are interpolated into a double-quoted shell context and executed via proc_open() through /bin/sh -c before smbclient runs, resulting in arbitrary command execution on the underlying system."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T22:03:29.942Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "Release Notes",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/horde/Vfs/releases/tag/v3.0.1"
            },
            {
              "name": "Fix PR",
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/horde/Vfs/pull/10"
            },
            {
              "name": "Fix Commit",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/horde/Vfs/commit/41f74b4acfc144e09013d04dd121e0a5da808361"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/horde-vfs-os-command-injection-via-horde-vfs-smb-driver"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "Horde VFS \u003c 3.0.1 OS Command Injection via Horde_Vfs_Smb Driver",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-60102",
        "datePublished": "2026-07-08T16:25:19.153Z",
        "dateReserved": "2026-07-08T13:27:53.030Z",
        "dateUpdated": "2026-07-14T22:03:29.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58451 (GCVE-0-2026-58451)

    Vulnerability from nvd – Published: 2026-07-01 18:16 – Updated: 2026-07-14 22:03 X_Open Source
    VLAI
    Title
    Horde IMP < 7.0.1 Path Traversal via Compose.php img src
    Summary
    Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos() prefix validation by appending sequences such as traversal segments after the matching prefix, causing file_get_contents() to read sensitive files whose contents are then exfiltrated as MIME parts in outgoing email; unauthenticated exploitation is also achievable via CSRF against an active authenticated session.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    horde imp Affected: 0 , < 7.0.1 (semver)
    Create a notification for this product.
    Date Public
    2026-07-01 00:00
    Credits
    evan VulnCheck
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-58451",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T18:41:12.206279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T18:41:32.372Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-02T19:30:49.019Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2026/Jul/8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageURL": "pkg:github/horde/imp",
              "product": "imp",
              "repo": "https://github.com/horde/imp",
              "vendor": "horde",
              "versions": [
                {
                  "lessThan": "7.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:horde:imp:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "evan"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "VulnCheck"
            }
          ],
          "datePublic": "2026-07-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos() prefix validation by appending sequences such as traversal segments after the matching prefix, causing file_get_contents() to read sensitive files whose contents are then exfiltrated as MIME parts in outgoing email; unauthenticated exploitation is also achievable via CSRF against an active authenticated session."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T22:03:05.643Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "Release Notes",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/horde/imp/releases/tag/v7.0.1"
            },
            {
              "name": "Fix PR",
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/horde/imp/pull/85"
            },
            {
              "name": "Fix Commit",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/horde/imp/commit/fba972fab72ee6871e5d56e6390bee38593085de"
            },
            {
              "name": "Project Webpage",
              "tags": [
                "product"
              ],
              "url": "https://www.horde.org/apps/imp"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/horde-imp-path-traversal-via-compose-php-img-src"
            },
            {
              "name": "Researcher Disclosure",
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://blog.evan.lat/posts/CVE-2026-58451/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "Horde IMP \u003c 7.0.1 Path Traversal via Compose.php img src",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-58451",
        "datePublished": "2026-07-01T18:16:09.328Z",
        "dateReserved": "2026-06-30T20:20:33.789Z",
        "dateUpdated": "2026-07-14T22:03:05.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-41066 (GCVE-0-2025-41066)

    Vulnerability from nvd – Published: 2025-12-02 14:01 – Updated: 2025-12-02 14:27
    VLAI
    Title
    Disclosure of sensitive information in Horde Groupware
    Summary
    Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Horde Groupware Affected: 5.2.22
    Create a notification for this product.
    Date Public
    2025-12-02 13:56
    Credits
    Amador Aparicio
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-41066",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-02T14:27:28.469741Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-02T14:27:37.506Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Groupware",
              "vendor": "Horde",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.2.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Amador Aparicio"
            }
          ],
          "datePublic": "2025-12-02T13:56:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to \u2018/imp/attachment.php\u2019 including the parameters \u2018id\u2019 and \u2018u\u2019. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user."
                }
              ],
              "value": "Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to \u2018/imp/attachment.php\u2019 including the parameters \u2018id\u2019 and \u2018u\u2019. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-02T14:01:34.192Z",
            "orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
            "shortName": "INCIBE"
          },
          "references": [
            {
              "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/disclosure-sensitive-information-horde-groupware"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No solution has been reported at this time.\u003cbr\u003e"
                }
              ],
              "value": "No solution has been reported at this time."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Disclosure of sensitive information in Horde Groupware",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
        "assignerShortName": "INCIBE",
        "cveId": "CVE-2025-41066",
        "datePublished": "2025-12-02T14:01:34.192Z",
        "dateReserved": "2025-04-16T09:09:34.457Z",
        "dateUpdated": "2025-12-02T14:27:37.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-30349 (GCVE-0-2025-30349)

    Vulnerability from nvd – Published: 2025-03-21 00:00 – Updated: 2025-04-03 19:57
    VLAI KEVIntel
    Summary
    Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Horde IMP Affected: 0 , ≤ 6.2.27 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-30349",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-03T19:57:19.164722Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-03T19:57:27.039Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-04-03T12:04:26.080Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00008.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IMP",
              "vendor": "Horde",
              "versions": [
                {
                  "lessThanOrEqual": "6.2.27",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:horde:imp:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "6.2.27",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-28T00:01:10.320Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/horde/webmail/releases/tag/v5.2.22"
            },
            {
              "url": "https://www.horde.org/apps/imp"
            },
            {
              "url": "https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057781.html"
            },
            {
              "url": "https://web.archive.org/web/20250321152616/https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057781.html"
            },
            {
              "url": "https://www.horde.org/download/horde"
            },
            {
              "url": "https://github.com/horde/imp/blob/fd9212ca3b72ff834504af4886f7d95138619bd4/doc/INSTALL.rst?plain=1#L61-L62"
            },
            {
              "url": "https://www.horde.org/apps/horde"
            },
            {
              "url": "https://github.com/horde/imp/blob/fd9212ca3b72ff834504af4886f7d95138619bd4/doc/INSTALL.rst?plain=1#L23-L25"
            },
            {
              "url": "https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057784.html"
            },
            {
              "url": "https://github.com/horde/imp/releases/tag/v6.2.27"
            },
            {
              "url": "https://github.com/horde/base/releases/tag/v5.2.23"
            },
            {
              "url": "https://web.archive.org/web/20250321162434/https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057784.html"
            },
            {
              "url": "https://github.com/natasaka/CVE-2025-30349/"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-30349",
        "datePublished": "2025-03-21T00:00:00.000Z",
        "dateReserved": "2025-03-21T00:00:00.000Z",
        "dateUpdated": "2025-04-03T19:57:27.039Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-30287 (GCVE-0-2022-30287)

    Vulnerability from nvd – Published: 2022-07-28 21:08 – Updated: 2024-10-19 13:05
    VLAI
    Summary
    Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-10-19T13:05:46.048Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.horde.org/apps/webmail"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.sonarsource.com/horde-webmail-rce-via-email/"
              },
              {
                "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3090-1] php-horde-turba security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00022.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00014.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-31T10:06:11.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.horde.org/apps/webmail"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.sonarsource.com/horde-webmail-rce-via-email/"
            },
            {
              "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3090-1] php-horde-turba security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00022.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-30287",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.horde.org/apps/webmail",
                  "refsource": "MISC",
                  "url": "https://www.horde.org/apps/webmail"
                },
                {
                  "name": "https://blog.sonarsource.com/horde-webmail-rce-via-email/",
                  "refsource": "MISC",
                  "url": "https://blog.sonarsource.com/horde-webmail-rce-via-email/"
                },
                {
                  "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3090-1] php-horde-turba security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-30287",
        "datePublished": "2022-07-28T21:08:21.000Z",
        "dateReserved": "2022-05-04T00:00:00.000Z",
        "dateUpdated": "2024-10-19T13:05:46.048Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26874 (GCVE-0-2022-26874)

    Vulnerability from nvd – Published: 2022-03-11 06:02 – Updated: 2024-10-19 18:02
    VLAI
    Summary
    lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-10-19T18:02:57.612Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5"
              },
              {
                "name": "[debian-lts-announce] 20220606 [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00007.html"
              },
              {
                "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3089-1] php-horde-mime-viewer security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00021.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00015.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-31T10:06:10.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5"
            },
            {
              "name": "[debian-lts-announce] 20220606 [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00007.html"
            },
            {
              "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3089-1] php-horde-mime-viewer security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00021.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-26874",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/",
                  "refsource": "MISC",
                  "url": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/"
                },
                {
                  "name": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5",
                  "refsource": "MISC",
                  "url": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5"
                },
                {
                  "name": "[debian-lts-announce] 20220606 [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00007.html"
                },
                {
                  "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3089-1] php-horde-mime-viewer security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00021.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-26874",
        "datePublished": "2022-03-11T06:02:56.000Z",
        "dateReserved": "2022-03-11T00:00:00.000Z",
        "dateUpdated": "2024-10-19T18:02:57.612Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26929 (GCVE-0-2021-26929)

    Vulnerability from nvd – Published: 2021-02-14 03:43 – Updated: 2024-08-03 20:33
    VLAI
    Summary
    An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:33:41.620Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/webmail/releases"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.horde.org/apps/webmail"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.alexbirnberg.com/horde-xss.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2021/001298.html"
              },
              {
                "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2564-1] php-horde-text-filter security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00028.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \\x00\\x00\\x00 and \\x01\\x01\\x01 interferes with XSS defenses."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-15T15:06:21.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/horde/webmail/releases"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.horde.org/apps/webmail"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.alexbirnberg.com/horde-xss.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/announce/2021/001298.html"
            },
            {
              "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2564-1] php-horde-text-filter security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00028.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-26929",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \\x00\\x00\\x00 and \\x01\\x01\\x01 interferes with XSS defenses."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/horde/webmail/releases",
                  "refsource": "MISC",
                  "url": "https://github.com/horde/webmail/releases"
                },
                {
                  "name": "https://www.horde.org/apps/webmail",
                  "refsource": "MISC",
                  "url": "https://www.horde.org/apps/webmail"
                },
                {
                  "name": "https://www.alexbirnberg.com/horde-xss.html",
                  "refsource": "MISC",
                  "url": "https://www.alexbirnberg.com/horde-xss.html"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2021/001298.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/announce/2021/001298.html"
                },
                {
                  "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2564-1] php-horde-text-filter security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00028.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-26929",
        "datePublished": "2021-02-14T03:43:49.000Z",
        "dateReserved": "2021-02-09T00:00:00.000Z",
        "dateUpdated": "2024-08-03T20:33:41.620Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8034 (GCVE-0-2020-8034)

    Vulnerability from nvd – Published: 2020-05-18 16:07 – Updated: 2024-08-04 09:48
    VLAI
    Summary
    Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2020-04-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:48:25.031Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/gollem/commits/master"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001289.html"
              },
              {
                "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2229-1] php-horde-gollem security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00033.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-04-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-31T17:06:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/horde/gollem/commits/master"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001289.html"
            },
            {
              "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2229-1] php-horde-gollem security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00033.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-8034",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/horde/gollem/commits/master",
                  "refsource": "MISC",
                  "url": "https://github.com/horde/gollem/commits/master"
                },
                {
                  "name": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html"
                },
                {
                  "name": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001289.html",
                  "refsource": "MISC",
                  "url": "https://lists.horde.org/archives/announce/2020/001289.html"
                },
                {
                  "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2229-1] php-horde-gollem security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00033.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-8034",
        "datePublished": "2020-05-18T16:07:37.000Z",
        "dateReserved": "2020-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T09:48:25.031Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8035 (GCVE-0-2020-8035)

    Vulnerability from nvd – Published: 2020-05-18 14:55 – Updated: 2024-08-04 09:48
    VLAI
    Summary
    The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2020-04-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:48:25.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001290.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES"
              },
              {
                "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2230-1] php-horde security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-04-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-31T23:06:09.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001290.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES"
            },
            {
              "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2230-1] php-horde security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-8035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001290.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/announce/2020/001290.html"
                },
                {
                  "name": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES"
                },
                {
                  "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2230-1] php-horde security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-8035",
        "datePublished": "2020-05-18T14:55:55.000Z",
        "dateReserved": "2020-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T09:48:25.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8866 (GCVE-0-2020-8866)

    Vulnerability from nvd – Published: 2020-03-23 20:15 – Updated: 2024-08-04 10:12
    VLAI
    Summary
    This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125.
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    zdi
    Impacted products
    Credits
    Andrea Cardaci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:12:10.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001288.html"
              },
              {
                "name": "[debian-lts-announce] 20200329 [SECURITY] [DLA 2162-1] php-horde-form security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Groupware Webmail Edition",
              "vendor": "Horde",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.2.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Andrea Cardaci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-30T00:06:08.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001288.html"
            },
            {
              "name": "[debian-lts-announce] 20200329 [SECURITY] [DLA 2162-1] php-horde-form security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2020-8866",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Groupware Webmail Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.2.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Horde"
                  }
                ]
              }
            },
            "credit": "Andrea Cardaci",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-434: Unrestricted Upload of File with Dangerous Type"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001288.html",
                  "refsource": "MISC",
                  "url": "https://lists.horde.org/archives/announce/2020/001288.html"
                },
                {
                  "name": "[debian-lts-announce] 20200329 [SECURITY] [DLA 2162-1] php-horde-form security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2020-8866",
        "datePublished": "2020-03-23T20:15:17.000Z",
        "dateReserved": "2020-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:12:10.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8865 (GCVE-0-2020-8865)

    Vulnerability from nvd – Published: 2020-03-23 20:15 – Updated: 2024-08-04 10:12
    VLAI
    Summary
    This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469.
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    zdi
    References
    Impacted products
    Credits
    Andrea Cardaci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:12:10.978Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/"
              },
              {
                "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2175-1] php-horde-trean security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Groupware Webmail Edition",
              "vendor": "Horde",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.2.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Andrea Cardaci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23: Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T04:06:00.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/"
            },
            {
              "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2175-1] php-horde-trean security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00009.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2020-8865",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Groupware Webmail Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.2.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Horde"
                  }
                ]
              }
            },
            "credit": "Andrea Cardaci",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-23: Relative Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/"
                },
                {
                  "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2175-1] php-horde-trean security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00009.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2020-8865",
        "datePublished": "2020-03-23T20:15:17.000Z",
        "dateReserved": "2020-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:12:10.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8518 (GCVE-0-2020-8518)

    Vulnerability from nvd – Published: 2020-02-17 14:53 – Updated: 2024-08-04 10:03
    VLAI
    Summary
    Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:03:46.283Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2020-0248ad925e",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/"
              },
              {
                "name": "FEDORA-2020-1e7cc91d55",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001285.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html"
              },
              {
                "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2174-1] php-horde-data security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T04:06:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2020-0248ad925e",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/"
            },
            {
              "name": "FEDORA-2020-1e7cc91d55",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001285.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html"
            },
            {
              "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2174-1] php-horde-data security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-8518",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2020-0248ad925e",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/"
                },
                {
                  "name": "FEDORA-2020-1e7cc91d55",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001285.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/announce/2020/001285.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html"
                },
                {
                  "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2174-1] php-horde-data security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-8518",
        "datePublished": "2020-02-17T14:53:34.000Z",
        "dateReserved": "2020-02-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:03:46.283Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6275 (GCVE-0-2013-6275)

    Vulnerability from nvd – Published: 2019-11-05 18:50 – Updated: 2024-08-06 17:38
    VLAI
    Summary
    Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2013-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:38:59.388Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2013-6275"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/29274"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/63377"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029285"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-05T18:50:49.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2013-6275"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.exploit-db.com/exploits/29274"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/63377"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1029285"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6275",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2013-6275",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2013-6275"
                },
                {
                  "name": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275",
                  "refsource": "MISC",
                  "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275"
                },
                {
                  "name": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html",
                  "refsource": "MISC",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html"
                },
                {
                  "name": "http://www.exploit-db.com/exploits/29274",
                  "refsource": "MISC",
                  "url": "http://www.exploit-db.com/exploits/29274"
                },
                {
                  "name": "http://www.securityfocus.com/bid/63377",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/63377"
                },
                {
                  "name": "http://www.securitytracker.com/id/1029285",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1029285"
                },
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6275",
        "datePublished": "2019-11-05T18:50:49.000Z",
        "dateReserved": "2013-10-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:38:59.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6365 (GCVE-0-2013-6365)

    Vulnerability from nvd – Published: 2019-11-05 13:53 – Updated: 2024-08-06 17:39
    VLAI
    Summary
    Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:39:01.220Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2013-6365"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.securityfocus.com/archive/1/529590"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://packetstormsecurity.com/files/cve/CVE-2013-6365"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-05T13:53:25.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2013-6365"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.securityfocus.com/archive/1/529590"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://packetstormsecurity.com/files/cve/CVE-2013-6365"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6365",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2013-6365"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365"
                },
                {
                  "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365"
                },
                {
                  "name": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html",
                  "refsource": "MISC",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html"
                },
                {
                  "name": "https://www.securityfocus.com/archive/1/529590",
                  "refsource": "MISC",
                  "url": "https://www.securityfocus.com/archive/1/529590"
                },
                {
                  "name": "https://packetstormsecurity.com/files/cve/CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://packetstormsecurity.com/files/cve/CVE-2013-6365"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6365",
        "datePublished": "2019-11-05T13:53:25.000Z",
        "dateReserved": "2013-11-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:39:01.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-60102 (GCVE-0-2026-60102)

    Vulnerability from cvelistv5 – Published: 2026-07-08 16:25 – Updated: 2026-07-14 22:03 X_Open Source
    VLAI
    Title
    Horde VFS < 3.0.1 OS Command Injection via Horde_Vfs_Smb Driver
    Summary
    Horde Virtual File System (VFS) API before 3.0.1 contains an OS command injection vulnerability in the Horde_Vfs_Smb driver where the _escapeShellCommand() method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled filenames. Attackers can supply malicious filenames containing unescaped command substitution payloads through operations such as file upload, folder creation, rename, or deletion, which are interpolated into a double-quoted shell context and executed via proc_open() through /bin/sh -c before smbclient runs, resulting in arbitrary command execution on the underlying system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    horde Vfs Affected: 0 , < 3.0.1 (semver)
    Create a notification for this product.
    Date Public
    2026-07-08 00:00
    Credits
    Hacker Fantastic
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60102",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-08T17:40:35.903444Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-08T19:34:10.535Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageURL": "pkg:github/horde/Vfs",
              "product": "Vfs",
              "repo": "https://github.com/horde/Vfs",
              "vendor": "horde",
              "versions": [
                {
                  "lessThan": "3.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Hacker Fantastic"
            }
          ],
          "datePublic": "2026-07-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Virtual File System (VFS) API before 3.0.1 contains an OS command injection vulnerability in the Horde_Vfs_Smb driver where the _escapeShellCommand() method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled filenames. Attackers can supply malicious filenames containing unescaped command substitution payloads through operations such as file upload, folder creation, rename, or deletion, which are interpolated into a double-quoted shell context and executed via proc_open() through /bin/sh -c before smbclient runs, resulting in arbitrary command execution on the underlying system."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T22:03:29.942Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "Release Notes",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/horde/Vfs/releases/tag/v3.0.1"
            },
            {
              "name": "Fix PR",
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/horde/Vfs/pull/10"
            },
            {
              "name": "Fix Commit",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/horde/Vfs/commit/41f74b4acfc144e09013d04dd121e0a5da808361"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/horde-vfs-os-command-injection-via-horde-vfs-smb-driver"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "Horde VFS \u003c 3.0.1 OS Command Injection via Horde_Vfs_Smb Driver",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-60102",
        "datePublished": "2026-07-08T16:25:19.153Z",
        "dateReserved": "2026-07-08T13:27:53.030Z",
        "dateUpdated": "2026-07-14T22:03:29.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58451 (GCVE-0-2026-58451)

    Vulnerability from cvelistv5 – Published: 2026-07-01 18:16 – Updated: 2026-07-14 22:03 X_Open Source
    VLAI
    Title
    Horde IMP < 7.0.1 Path Traversal via Compose.php img src
    Summary
    Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos() prefix validation by appending sequences such as traversal segments after the matching prefix, causing file_get_contents() to read sensitive files whose contents are then exfiltrated as MIME parts in outgoing email; unauthenticated exploitation is also achievable via CSRF against an active authenticated session.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    horde imp Affected: 0 , < 7.0.1 (semver)
    Create a notification for this product.
    Date Public
    2026-07-01 00:00
    Credits
    evan VulnCheck
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-58451",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T18:41:12.206279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T18:41:32.372Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-07-02T19:30:49.019Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2026/Jul/8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageURL": "pkg:github/horde/imp",
              "product": "imp",
              "repo": "https://github.com/horde/imp",
              "vendor": "horde",
              "versions": [
                {
                  "lessThan": "7.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:horde:imp:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "evan"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "VulnCheck"
            }
          ],
          "datePublic": "2026-07-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos() prefix validation by appending sequences such as traversal segments after the matching prefix, causing file_get_contents() to read sensitive files whose contents are then exfiltrated as MIME parts in outgoing email; unauthenticated exploitation is also achievable via CSRF against an active authenticated session."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T22:03:05.643Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "Release Notes",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/horde/imp/releases/tag/v7.0.1"
            },
            {
              "name": "Fix PR",
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/horde/imp/pull/85"
            },
            {
              "name": "Fix Commit",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/horde/imp/commit/fba972fab72ee6871e5d56e6390bee38593085de"
            },
            {
              "name": "Project Webpage",
              "tags": [
                "product"
              ],
              "url": "https://www.horde.org/apps/imp"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/horde-imp-path-traversal-via-compose-php-img-src"
            },
            {
              "name": "Researcher Disclosure",
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://blog.evan.lat/posts/CVE-2026-58451/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_open-source"
          ],
          "title": "Horde IMP \u003c 7.0.1 Path Traversal via Compose.php img src",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-58451",
        "datePublished": "2026-07-01T18:16:09.328Z",
        "dateReserved": "2026-06-30T20:20:33.789Z",
        "dateUpdated": "2026-07-14T22:03:05.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-41066 (GCVE-0-2025-41066)

    Vulnerability from cvelistv5 – Published: 2025-12-02 14:01 – Updated: 2025-12-02 14:27
    VLAI
    Title
    Disclosure of sensitive information in Horde Groupware
    Summary
    Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Horde Groupware Affected: 5.2.22
    Create a notification for this product.
    Date Public
    2025-12-02 13:56
    Credits
    Amador Aparicio
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-41066",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-02T14:27:28.469741Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-02T14:27:37.506Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Groupware",
              "vendor": "Horde",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.2.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Amador Aparicio"
            }
          ],
          "datePublic": "2025-12-02T13:56:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to \u2018/imp/attachment.php\u2019 including the parameters \u2018id\u2019 and \u2018u\u2019. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user."
                }
              ],
              "value": "Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to \u2018/imp/attachment.php\u2019 including the parameters \u2018id\u2019 and \u2018u\u2019. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-02T14:01:34.192Z",
            "orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
            "shortName": "INCIBE"
          },
          "references": [
            {
              "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/disclosure-sensitive-information-horde-groupware"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "No solution has been reported at this time.\u003cbr\u003e"
                }
              ],
              "value": "No solution has been reported at this time."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Disclosure of sensitive information in Horde Groupware",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
        "assignerShortName": "INCIBE",
        "cveId": "CVE-2025-41066",
        "datePublished": "2025-12-02T14:01:34.192Z",
        "dateReserved": "2025-04-16T09:09:34.457Z",
        "dateUpdated": "2025-12-02T14:27:37.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-30349 (GCVE-0-2025-30349)

    Vulnerability from cvelistv5 – Published: 2025-03-21 00:00 – Updated: 2025-04-03 19:57
    VLAI KEVIntel
    Summary
    Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Horde IMP Affected: 0 , ≤ 6.2.27 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-30349",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-03T19:57:19.164722Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-03T19:57:27.039Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-04-03T12:04:26.080Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00008.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IMP",
              "vendor": "Horde",
              "versions": [
                {
                  "lessThanOrEqual": "6.2.27",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:horde:imp:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "6.2.27",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-28T00:01:10.320Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/horde/webmail/releases/tag/v5.2.22"
            },
            {
              "url": "https://www.horde.org/apps/imp"
            },
            {
              "url": "https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057781.html"
            },
            {
              "url": "https://web.archive.org/web/20250321152616/https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057781.html"
            },
            {
              "url": "https://www.horde.org/download/horde"
            },
            {
              "url": "https://github.com/horde/imp/blob/fd9212ca3b72ff834504af4886f7d95138619bd4/doc/INSTALL.rst?plain=1#L61-L62"
            },
            {
              "url": "https://www.horde.org/apps/horde"
            },
            {
              "url": "https://github.com/horde/imp/blob/fd9212ca3b72ff834504af4886f7d95138619bd4/doc/INSTALL.rst?plain=1#L23-L25"
            },
            {
              "url": "https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057784.html"
            },
            {
              "url": "https://github.com/horde/imp/releases/tag/v6.2.27"
            },
            {
              "url": "https://github.com/horde/base/releases/tag/v5.2.23"
            },
            {
              "url": "https://web.archive.org/web/20250321162434/https://lists.horde.org/archives/imp/Week-of-Mon-20250317/057784.html"
            },
            {
              "url": "https://github.com/natasaka/CVE-2025-30349/"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-30349",
        "datePublished": "2025-03-21T00:00:00.000Z",
        "dateReserved": "2025-03-21T00:00:00.000Z",
        "dateUpdated": "2025-04-03T19:57:27.039Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-30287 (GCVE-0-2022-30287)

    Vulnerability from cvelistv5 – Published: 2022-07-28 21:08 – Updated: 2024-10-19 13:05
    VLAI
    Summary
    Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-10-19T13:05:46.048Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.horde.org/apps/webmail"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.sonarsource.com/horde-webmail-rce-via-email/"
              },
              {
                "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3090-1] php-horde-turba security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00022.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00014.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-31T10:06:11.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.horde.org/apps/webmail"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.sonarsource.com/horde-webmail-rce-via-email/"
            },
            {
              "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3090-1] php-horde-turba security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00022.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-30287",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.horde.org/apps/webmail",
                  "refsource": "MISC",
                  "url": "https://www.horde.org/apps/webmail"
                },
                {
                  "name": "https://blog.sonarsource.com/horde-webmail-rce-via-email/",
                  "refsource": "MISC",
                  "url": "https://blog.sonarsource.com/horde-webmail-rce-via-email/"
                },
                {
                  "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3090-1] php-horde-turba security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-30287",
        "datePublished": "2022-07-28T21:08:21.000Z",
        "dateReserved": "2022-05-04T00:00:00.000Z",
        "dateUpdated": "2024-10-19T13:05:46.048Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26874 (GCVE-0-2022-26874)

    Vulnerability from cvelistv5 – Published: 2022-03-11 06:02 – Updated: 2024-10-19 18:02
    VLAI
    Summary
    lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-10-19T18:02:57.612Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5"
              },
              {
                "name": "[debian-lts-announce] 20220606 [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00007.html"
              },
              {
                "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3089-1] php-horde-mime-viewer security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00021.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00015.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-31T10:06:10.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5"
            },
            {
              "name": "[debian-lts-announce] 20220606 [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00007.html"
            },
            {
              "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3089-1] php-horde-mime-viewer security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00021.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-26874",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/",
                  "refsource": "MISC",
                  "url": "https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/"
                },
                {
                  "name": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5",
                  "refsource": "MISC",
                  "url": "https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5"
                },
                {
                  "name": "[debian-lts-announce] 20220606 [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00007.html"
                },
                {
                  "name": "[debian-lts-announce] 20220831 [SECURITY] [DLA 3089-1] php-horde-mime-viewer security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00021.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-26874",
        "datePublished": "2022-03-11T06:02:56.000Z",
        "dateReserved": "2022-03-11T00:00:00.000Z",
        "dateUpdated": "2024-10-19T18:02:57.612Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26929 (GCVE-0-2021-26929)

    Vulnerability from cvelistv5 – Published: 2021-02-14 03:43 – Updated: 2024-08-03 20:33
    VLAI
    Summary
    An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:33:41.620Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/webmail/releases"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.horde.org/apps/webmail"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.alexbirnberg.com/horde-xss.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2021/001298.html"
              },
              {
                "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2564-1] php-horde-text-filter security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00028.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \\x00\\x00\\x00 and \\x01\\x01\\x01 interferes with XSS defenses."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-15T15:06:21.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/horde/webmail/releases"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.horde.org/apps/webmail"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.alexbirnberg.com/horde-xss.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/announce/2021/001298.html"
            },
            {
              "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2564-1] php-horde-text-filter security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00028.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-26929",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \\x00\\x00\\x00 and \\x01\\x01\\x01 interferes with XSS defenses."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/horde/webmail/releases",
                  "refsource": "MISC",
                  "url": "https://github.com/horde/webmail/releases"
                },
                {
                  "name": "https://www.horde.org/apps/webmail",
                  "refsource": "MISC",
                  "url": "https://www.horde.org/apps/webmail"
                },
                {
                  "name": "https://www.alexbirnberg.com/horde-xss.html",
                  "refsource": "MISC",
                  "url": "https://www.alexbirnberg.com/horde-xss.html"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2021/001298.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/announce/2021/001298.html"
                },
                {
                  "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2564-1] php-horde-text-filter security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00028.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162187/Webmail-Edition-5.2.22-XSS-Remote-Code-Execution.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/162194/Horde-Groupware-Webmail-5.2.22-Cross-Site-Scripting.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-26929",
        "datePublished": "2021-02-14T03:43:49.000Z",
        "dateReserved": "2021-02-09T00:00:00.000Z",
        "dateUpdated": "2024-08-03T20:33:41.620Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8034 (GCVE-0-2020-8034)

    Vulnerability from cvelistv5 – Published: 2020-05-18 16:07 – Updated: 2024-08-04 09:48
    VLAI
    Summary
    Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2020-04-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:48:25.031Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/gollem/commits/master"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001289.html"
              },
              {
                "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2229-1] php-horde-gollem security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00033.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-04-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-31T17:06:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/horde/gollem/commits/master"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001289.html"
            },
            {
              "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2229-1] php-horde-gollem security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00033.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-8034",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/horde/gollem/commits/master",
                  "refsource": "MISC",
                  "url": "https://github.com/horde/gollem/commits/master"
                },
                {
                  "name": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/gollem/Week-of-Mon-20200420/001990.html"
                },
                {
                  "name": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/horde/gollem/blob/95b2a4212d734f1b27aaa7a221d2fa1370d2631f/docs/CHANGES"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001289.html",
                  "refsource": "MISC",
                  "url": "https://lists.horde.org/archives/announce/2020/001289.html"
                },
                {
                  "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2229-1] php-horde-gollem security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00033.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-8034",
        "datePublished": "2020-05-18T16:07:37.000Z",
        "dateReserved": "2020-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T09:48:25.031Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8035 (GCVE-0-2020-8035)

    Vulnerability from cvelistv5 – Published: 2020-05-18 14:55 – Updated: 2024-08-04 09:48
    VLAI
    Summary
    The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2020-04-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:48:25.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001290.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES"
              },
              {
                "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2230-1] php-horde security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-04-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-31T23:06:09.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001290.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES"
            },
            {
              "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2230-1] php-horde security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-8035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim\u0027s webmail account by making them visit a malicious URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001290.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/announce/2020/001290.html"
                },
                {
                  "name": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES"
                },
                {
                  "name": "[debian-lts-announce] 20200531 [SECURITY] [DLA 2230-1] php-horde security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-8035",
        "datePublished": "2020-05-18T14:55:55.000Z",
        "dateReserved": "2020-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T09:48:25.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8866 (GCVE-0-2020-8866)

    Vulnerability from cvelistv5 – Published: 2020-03-23 20:15 – Updated: 2024-08-04 10:12
    VLAI
    Summary
    This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125.
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    zdi
    Impacted products
    Credits
    Andrea Cardaci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:12:10.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001288.html"
              },
              {
                "name": "[debian-lts-announce] 20200329 [SECURITY] [DLA 2162-1] php-horde-form security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Groupware Webmail Edition",
              "vendor": "Horde",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.2.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Andrea Cardaci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-30T00:06:08.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001288.html"
            },
            {
              "name": "[debian-lts-announce] 20200329 [SECURITY] [DLA 2162-1] php-horde-form security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2020-8866",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Groupware Webmail Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.2.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Horde"
                  }
                ]
              }
            },
            "credit": "Andrea Cardaci",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-434: Unrestricted Upload of File with Dangerous Type"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-275/"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001288.html",
                  "refsource": "MISC",
                  "url": "https://lists.horde.org/archives/announce/2020/001288.html"
                },
                {
                  "name": "[debian-lts-announce] 20200329 [SECURITY] [DLA 2162-1] php-horde-form security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2020-8866",
        "datePublished": "2020-03-23T20:15:17.000Z",
        "dateReserved": "2020-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:12:10.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8865 (GCVE-0-2020-8865)

    Vulnerability from cvelistv5 – Published: 2020-03-23 20:15 – Updated: 2024-08-04 10:12
    VLAI
    Summary
    This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469.
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    zdi
    References
    Impacted products
    Credits
    Andrea Cardaci
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:12:10.978Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/"
              },
              {
                "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2175-1] php-horde-trean security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Groupware Webmail Edition",
              "vendor": "Horde",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.2.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Andrea Cardaci"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23: Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T04:06:00.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/"
            },
            {
              "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2175-1] php-horde-trean security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00009.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2020-8865",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Groupware Webmail Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.2.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Horde"
                  }
                ]
              }
            },
            "credit": "Andrea Cardaci",
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469."
                }
              ]
            },
            "impact": {
              "cvss": {
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-23: Relative Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-276/"
                },
                {
                  "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2175-1] php-horde-trean security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00009.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2020-8865",
        "datePublished": "2020-03-23T20:15:17.000Z",
        "dateReserved": "2020-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:12:10.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-8518 (GCVE-0-2020-8518)

    Vulnerability from cvelistv5 – Published: 2020-02-17 14:53 – Updated: 2024-08-04 10:03
    VLAI
    Summary
    Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:03:46.283Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2020-0248ad925e",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/"
              },
              {
                "name": "FEDORA-2020-1e7cc91d55",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.horde.org/archives/announce/2020/001285.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html"
              },
              {
                "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2174-1] php-horde-data security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T04:06:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2020-0248ad925e",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/"
            },
            {
              "name": "FEDORA-2020-1e7cc91d55",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.horde.org/archives/announce/2020/001285.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html"
            },
            {
              "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2174-1] php-horde-data security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-8518",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2020-0248ad925e",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/"
                },
                {
                  "name": "FEDORA-2020-1e7cc91d55",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/"
                },
                {
                  "name": "https://lists.horde.org/archives/announce/2020/001285.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.horde.org/archives/announce/2020/001285.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html"
                },
                {
                  "name": "[debian-lts-announce] 20200415 [SECURITY] [DLA 2174-1] php-horde-data security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-8518",
        "datePublished": "2020-02-17T14:53:34.000Z",
        "dateReserved": "2020-02-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:03:46.283Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6275 (GCVE-0-2013-6275)

    Vulnerability from cvelistv5 – Published: 2019-11-05 18:50 – Updated: 2024-08-06 17:38
    VLAI
    Summary
    Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2013-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:38:59.388Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2013-6275"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/29274"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/63377"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029285"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-05T18:50:49.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2013-6275"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.exploit-db.com/exploits/29274"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/63377"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1029285"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6275",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2013-6275",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2013-6275"
                },
                {
                  "name": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275",
                  "refsource": "MISC",
                  "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-6275"
                },
                {
                  "name": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html",
                  "refsource": "MISC",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0134.html"
                },
                {
                  "name": "http://www.exploit-db.com/exploits/29274",
                  "refsource": "MISC",
                  "url": "http://www.exploit-db.com/exploits/29274"
                },
                {
                  "name": "http://www.securityfocus.com/bid/63377",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/63377"
                },
                {
                  "name": "http://www.securitytracker.com/id/1029285",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1029285"
                },
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6275",
        "datePublished": "2019-11-05T18:50:49.000Z",
        "dateReserved": "2013-10-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:38:59.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6365 (GCVE-0-2013-6365)

    Vulnerability from cvelistv5 – Published: 2019-11-05 13:53 – Updated: 2024-08-06 17:39
    VLAI
    Summary
    Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:39:01.220Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2013-6365"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.securityfocus.com/archive/1/529590"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://packetstormsecurity.com/files/cve/CVE-2013-6365"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-05T13:53:25.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2013-6365"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.securityfocus.com/archive/1/529590"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://packetstormsecurity.com/files/cve/CVE-2013-6365"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6365",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2013-6365"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6365"
                },
                {
                  "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6365"
                },
                {
                  "name": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html",
                  "refsource": "MISC",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0013.html"
                },
                {
                  "name": "https://www.securityfocus.com/archive/1/529590",
                  "refsource": "MISC",
                  "url": "https://www.securityfocus.com/archive/1/529590"
                },
                {
                  "name": "https://packetstormsecurity.com/files/cve/CVE-2013-6365",
                  "refsource": "MISC",
                  "url": "https://packetstormsecurity.com/files/cve/CVE-2013-6365"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6365",
        "datePublished": "2019-11-05T13:53:25.000Z",
        "dateReserved": "2013-11-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:39:01.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-201805-0227

    Vulnerability from variot - Updated: 2024-05-17 19:19

    The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification. In multiple mail clients OpenPGP and S/MIME A plaintext message may be leaked when decrypting the message. OpenPGP and S/MIME For e-mail clients that support, it is possible to establish a channel for sending plaintext by decrypting encrypted e-mail inserted with content crafted by an attacker with the user's e-mail client. The discoverer can attack with this vulnerability "CBC/CFB gadget attack" I call it. For example HTML image By inserting a tag, the decrypted message is HTTP It may be sent as part of the request. * CVE-2017-17688: OpenPGP CFB Attacks * CVE-2017-17689: S/MIME CBC Attacks Some email clients also use multipart MIME Because the message is not properly separated and processed, attackers can process encrypted mail in plain text. MIME It can be included in the part. in this case, CBC/CFB gadget attack The plaintext message may be sent without executing. Detail is, Articles provided by the discoverer Please refer to.A remote attacker may obtain plaintext from encrypted mail without the key information required for decryption. OpenPGP is prone to an information disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. OpenPGP is a set of email encryption standards that supports multiple platforms

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0227",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "webmail",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "roundcube",
            "version": null
          },
          {
            "model": "emclient",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "emclient",
            "version": null
          },
          {
            "model": "imp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "horde",
            "version": null
          },
          {
            "model": "mail",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "postbox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "postbox",
            "version": null
          },
          {
            "model": "airmail",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bloop",
            "version": null
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": "maildroid",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "flipdogsolutions",
            "version": null
          },
          {
            "model": "r2mail2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "r2mail2",
            "version": null
          },
          {
            "model": "mailmate",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freron",
            "version": null
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2007"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9folders",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "airmail",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "evolution",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "flipdog",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gpgtools",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnupg",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "kmail",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mailmate",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postbox",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "r2mail2",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ritlabs srl",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "roundcube",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "the enigmail",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "the horde",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trojita",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "em client",
            "version": null
          },
          {
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "model": "round cube webmail",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "roundcube",
            "version": "0"
          },
          {
            "model": "r2mail2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "r2mail2",
            "version": "0"
          },
          {
            "model": "postbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "postbox",
            "version": "0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.5.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.5.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "15.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "13.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "12.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.20"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.13"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.12"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.11"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.024"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.19"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.17"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.16"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.15"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.13"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.12"
          },
          {
            "model": "thunderbird beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.52"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.13"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "9.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "9.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "8.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "7.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "7.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "6.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "6.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "6.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "5.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "38.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "32.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.19"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.18"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.17"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.16"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.15"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.11"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.10"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.10"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.8.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "23.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.23"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.22"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.21"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.20"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.18"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.11"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "15.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "15"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "14.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "13.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "12.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "11.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "11.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.12"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.10"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.1"
          },
          {
            "model": "thunderbird beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.5"
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20070"
          },
          {
            "model": "project horde imp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "horde",
            "version": "0"
          },
          {
            "model": "solutions maildroid",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "flipdog",
            "version": "0"
          },
          {
            "model": "enigmail",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "enigmail",
            "version": "0"
          },
          {
            "model": "client em client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "em",
            "version": "0"
          },
          {
            "model": "mail",
            "scope": null,
            "trust": 0.3,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "airmail",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "airmail",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "BID",
            "id": "104162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:outlook:2007:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:horde:horde_imp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:flipdogsolutions:maildroid:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:r2mail2:r2mail2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:mail:-:*:*:*:*:iphone_os:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:bloop:airmail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:freron:mailmate:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:mail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:emclient:emclient:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:postbox-inc:postbox:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:roundcube:webmail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Damian Poddebniak, Christian Dresen, Jens M\u00fcller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jorg Schwenk.",
        "sources": [
          {
            "db": "BID",
            "id": "104162"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-17688",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-108735",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULMON",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-17688",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-17688",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201712-725",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-108735",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-17688",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17688"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification. In multiple mail clients OpenPGP and S/MIME A plaintext message may be leaked when decrypting the message. OpenPGP and S/MIME For e-mail clients that support, it is possible to establish a channel for sending plaintext by decrypting encrypted e-mail inserted with content crafted by an attacker with the user\u0027s e-mail client. The discoverer can attack with this vulnerability \"CBC/CFB gadget attack\" I call it. For example HTML image By inserting a tag, the decrypted message is HTTP It may be sent as part of the request. * *CVE-2017-17688: OpenPGP CFB Attacks * *CVE-2017-17689: S/MIME CBC Attacks Some email clients also use multipart MIME Because the message is not properly separated and processed, attackers can process encrypted mail in plain text. MIME It can be included in the part. in this case, CBC/CFB gadget attack The plaintext message may be sent without executing. Detail is, \u003ca href=\"https://efail.de/efail-attack-paper.pdf\" target=\"blank\"\u003e Articles provided by the discoverer \u003c/a\u003e Please refer to.A remote attacker may obtain plaintext from encrypted mail without the key information required for decryption. OpenPGP is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. OpenPGP is a set of email encryption standards that supports multiple platforms",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          },
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "BID",
            "id": "104162"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17688"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-17688",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "104162",
            "trust": 2.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#122919",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1040904",
            "trust": 1.8
          },
          {
            "db": "JVN",
            "id": "JVNVU95575473",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-108735",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17688",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17688"
          },
          {
            "db": "BID",
            "id": "104162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "id": "VAR-201805-0227",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108735"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-05-17T19:19:57.881000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Debian CVElist Bug Report Logs: enigmail: efail attack against enigmail",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=56a8018aac811c8d81b81ef5a6c3623a"
          },
          {
            "title": "Red Hat: CVE-2017-17688",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-17688"
          },
          {
            "title": "Efail-malleability-gadget-exploit",
            "trust": 0.1,
            "url": "https://github.com/jaads/efail-malleability-gadget-exploit "
          },
          {
            "title": "more\nBoring bugs",
            "trust": 0.1,
            "url": "https://github.com/hannob/pgpbugs "
          },
          {
            "title": "SecDB - Security Feeds",
            "trust": 0.1,
            "url": "https://github.com/giterlizzi/secdb-feeds "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2018/05/14/smime_pgp_encryption_flaw_emails_vulnerable_to_snooping/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-310",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://efail.de/"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/104162"
          },
          {
            "trust": 1.8,
            "url": "https://www.synology.com/support/security/synology_sa_18_22"
          },
          {
            "trust": 1.8,
            "url": "http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html"
          },
          {
            "trust": 1.8,
            "url": "https://efail.de"
          },
          {
            "trust": 1.8,
            "url": "https://lists.gnupg.org/pipermail/gnupg-users/2018-may/060334.html"
          },
          {
            "trust": 1.8,
            "url": "https://news.ycombinator.com/item?id=17066419"
          },
          {
            "trust": 1.8,
            "url": "https://protonmail.com/blog/pgp-vulnerability-efail"
          },
          {
            "trust": 1.8,
            "url": "https://twitter.com/matthew_d_green/status/995996706457243648"
          },
          {
            "trust": 1.8,
            "url": "https://www.patreon.com/posts/cybersecurity-15-18814817"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id/1040904"
          },
          {
            "trust": 1.6,
            "url": "https://efail.de/efail-attack-paper.pdf"
          },
          {
            "trust": 1.2,
            "url": "https://www.kb.cert.org/vuls/id/122919"
          },
          {
            "trust": 0.8,
            "url": "https://tools.ietf.org/html/rfc4880"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17689"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17688"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu95575473/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17689"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17688"
          },
          {
            "trust": 0.3,
            "url": "https://www.openpgp.org/"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577906"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-17688"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898630"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/jaads/efail-malleability-gadget-exploit"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17688"
          },
          {
            "db": "BID",
            "id": "104162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17688"
          },
          {
            "db": "BID",
            "id": "104162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17688"
          },
          {
            "date": "2018-05-14T00:00:00",
            "db": "BID",
            "id": "104162"
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "date": "2017-12-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          },
          {
            "date": "2018-05-16T19:29:00.223000",
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108735"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17688"
          },
          {
            "date": "2018-05-15T10:00:00",
            "db": "BID",
            "id": "104162"
          },
          {
            "date": "2018-08-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          },
          {
            "date": "2024-05-17T01:16:13.807000",
            "db": "NVD",
            "id": "CVE-2017-17688"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenPGP and S/MIME mail client vulnerabilities",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-725"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201805-0228

    Vulnerability from variot - Updated: 2024-02-13 20:51

    The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. In multiple mail clients OpenPGP and S/MIME A plaintext message may be leaked when decrypting the message. OpenPGP and S/MIME For e-mail clients that support, it is possible to establish a channel for sending plaintext by decrypting encrypted e-mail inserted with content crafted by an attacker with the user's e-mail client. The discoverer can attack with this vulnerability "CBC/CFB gadget attack" I call it. For example HTML image By inserting a tag, the decrypted message is HTTP It may be sent as part of the request. * CVE-2017-17688: OpenPGP CFB Attacks * CVE-2017-17689: S/MIME CBC Attacks Some email clients also use multipart MIME Because the message is not properly separated and processed, attackers can process encrypted mail in plain text. MIME It can be included in the part. in this case, CBC/CFB gadget attack The plaintext message may be sent without executing. Detail is, Articles provided by the discoverer Please refer to.A remote attacker may obtain plaintext from encrypted mail without the key information required for decryption. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. S/MIME is a certificate implementation for email encryption. A security vulnerability exists in S/MIME. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


    Debian Security Advisory DSA-4244-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 13, 2018 https://www.debian.org/security/faq


    Package : thunderbird CVE ID : CVE-2017-17689 CVE-2018-5188 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374

    Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.

    For the stable distribution (stretch), these problems have been fixed in version 1:52.9.1-1~deb9u1.

    We recommend that you upgrade your thunderbird packages.

    For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAltI+2sACgkQEMKTtsN8 TjZXHRAAgOmSvTwwmmzxRH/4tSSpndZCFCtkHrG5PU5D3XesLGnWpNZk9aINsaU2 ih3fmEKzQgHHfAzK3d9TcGjyiI+PoVuWkVknsVqTrHd+xQtxUs7B/5Pfz5WKiYDJ QJ4NhjTgHHystYa0j2CvK28/ZoPVZgwnc/D051ChTInPWXimJI+TxpsndW/NPuaJ SphoPP34OMO2EARjrKCxiL6NRv6kD4CJv0AgoYfdO0qPXomuA8HpDAH1itd7GbRq yVJoZRnpz9dGjJSM5wyFCc1BIqmA/CMphhmqiRTuFBA+rOSEDblzfc2tg9t82CVQ caA7rF3VrYx8qmgpP3akCju+SDOEWLerFGHH1iaQ+GBqiXvduvMl/MSXCZmVZzIC 92Ko2m9kURkak4yKccEbHJ5Vh8i0oLUOc+Ee3MUUfWUblYbCcB4z34p9hRwc8u83 mmGUbsq+qWvdcd9NkekKC/ENQZt4Egb3doeEzqSkaa4uhFaQ1gGosHXGslNTCqLl 6RyeFON9Q5CWphQET+rmnlcJ8B1cSHgpG1ZTN6szlsQpiVgcRu/JYrgyzX9Y6WdY rAape6t+gsEeLOP7n9pZ/KYSadUF5CvYY/nX9H6kJO1RmG9y0A+8wAEuW+nSOMMJ vh2U09+y5XJHQqV0MMTKbnadxlyi8Oerc0zrYaoBuYhR7wmvkus= =R2OH -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0228",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "the bat",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "ritlabs",
            "version": null
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "microsoft",
            "version": "2013"
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2007"
          },
          {
            "model": "kmail",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kde",
            "version": null
          },
          {
            "model": "maildroid",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "flipdogsolutions",
            "version": null
          },
          {
            "model": "imp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "horde",
            "version": null
          },
          {
            "model": "notes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2010"
          },
          {
            "model": "trojita",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kde",
            "version": null
          },
          {
            "model": "emclient",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "emclient",
            "version": null
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "gmail",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": null
          },
          {
            "model": "mailmate",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freron",
            "version": null
          },
          {
            "model": "mail",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "airmail",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bloop",
            "version": null
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": "postbox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "postbox",
            "version": null
          },
          {
            "model": "evolution",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gnome",
            "version": null
          },
          {
            "model": "nine",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "9folders",
            "version": null
          },
          {
            "model": "r2mail2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "r2mail2",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9folders",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "airmail",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "evolution",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "flipdog",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gpgtools",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnupg",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "kmail",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mailmate",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postbox",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "r2mail2",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ritlabs srl",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "roundcube",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "the enigmail",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "the horde",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trojita",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "em client",
            "version": null
          },
          {
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "model": "r2mail2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "r2mail2",
            "version": "0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.5.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.5.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "15.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "13.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "12.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.20"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.13"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.12"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.11"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.024"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.19"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.17"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.16"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.15"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.13"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.12"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "7.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "52"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "45.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "38.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "32.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "31"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.19"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.18"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.17"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.16"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.15"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.11"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.10"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.10"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.8.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.6"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "24.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "23.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.23"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.22"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.21"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.20"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.18"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.11"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.9"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "17.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "16"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "15.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "15"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "14.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "13.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "12.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "11.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "11.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.3"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0.1"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "10.0"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.8"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.7"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.5"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.4"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.2"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.14"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.12"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.10"
          },
          {
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.1"
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20100"
          },
          {
            "model": "outlook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20070"
          },
          {
            "model": "kmail",
            "scope": null,
            "trust": 0.3,
            "vendor": "kde",
            "version": null
          },
          {
            "model": "lotus inotes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "model": "gmail for ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "mailmate",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freron",
            "version": "0"
          },
          {
            "model": "mail",
            "scope": null,
            "trust": 0.3,
            "vendor": "apple",
            "version": null
          },
          {
            "model": "airmail",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "airmail",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "BID",
            "id": "104165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:gnome:evolution:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:notes:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:emclient:emclient:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:horde:horde_imp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:9folders:nine:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:freron:mailmate:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kde:kmail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ritlabs:the_bat:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:outlook:2013:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:flipdogsolutions:maildroid:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:r2mail2:r2mail2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:mail:-:*:*:*:*:iphone_os:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:bloop:airmail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:outlook:2010:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:outlook:2007:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:google:gmail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:mail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kde:trojita:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:postbox-inc:postbox:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Damian Poddebniak, Christian Dresen, Jens Muller, Fabian Ising, Sebastian Schinzel1, Simon Friedberger, Juraj Somorovsky, and Jorg Schwenk",
        "sources": [
          {
            "db": "BID",
            "id": "104165"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-17689",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-108736",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULMON",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-17689",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-17689",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201712-724",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-108736",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-17689",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17689"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. In multiple mail clients OpenPGP and S/MIME A plaintext message may be leaked when decrypting the message. OpenPGP and S/MIME For e-mail clients that support, it is possible to establish a channel for sending plaintext by decrypting encrypted e-mail inserted with content crafted by an attacker with the user\u0027s e-mail client. The discoverer can attack with this vulnerability \"CBC/CFB gadget attack\" I call it. For example HTML image By inserting a tag, the decrypted message is HTTP It may be sent as part of the request. * *CVE-2017-17688: OpenPGP CFB Attacks * *CVE-2017-17689: S/MIME CBC Attacks Some email clients also use multipart MIME Because the message is not properly separated and processed, attackers can process encrypted mail in plain text. MIME It can be included in the part. in this case, CBC/CFB gadget attack The plaintext message may be sent without executing. Detail is, \u003ca href=\"https://efail.de/efail-attack-paper.pdf\" target=\"blank\"\u003e Articles provided by the discoverer \u003c/a\u003e Please refer to.A remote attacker may obtain plaintext from encrypted mail without the key information required for decryption. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. S/MIME is a certificate implementation for email encryption. A security vulnerability exists in S/MIME. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4244-1                   security@debian.org\nhttps://www.debian.org/security/                       Moritz Muehlenhoff\nJuly 13, 2018                         https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : thunderbird\nCVE ID         : CVE-2017-17689 CVE-2018-5188 CVE-2018-12359 CVE-2018-12360 \n                 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 \n                 CVE-2018-12366 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374\n\nMultiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1:52.9.1-1~deb9u1. \n\nWe recommend that you upgrade your thunderbird packages. \n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/thunderbird\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAltI+2sACgkQEMKTtsN8\nTjZXHRAAgOmSvTwwmmzxRH/4tSSpndZCFCtkHrG5PU5D3XesLGnWpNZk9aINsaU2\nih3fmEKzQgHHfAzK3d9TcGjyiI+PoVuWkVknsVqTrHd+xQtxUs7B/5Pfz5WKiYDJ\nQJ4NhjTgHHystYa0j2CvK28/ZoPVZgwnc/D051ChTInPWXimJI+TxpsndW/NPuaJ\nSphoPP34OMO2EARjrKCxiL6NRv6kD4CJv0AgoYfdO0qPXomuA8HpDAH1itd7GbRq\nyVJoZRnpz9dGjJSM5wyFCc1BIqmA/CMphhmqiRTuFBA+rOSEDblzfc2tg9t82CVQ\ncaA7rF3VrYx8qmgpP3akCju+SDOEWLerFGHH1iaQ+GBqiXvduvMl/MSXCZmVZzIC\n92Ko2m9kURkak4yKccEbHJ5Vh8i0oLUOc+Ee3MUUfWUblYbCcB4z34p9hRwc8u83\nmmGUbsq+qWvdcd9NkekKC/ENQZt4Egb3doeEzqSkaa4uhFaQ1gGosHXGslNTCqLl\n6RyeFON9Q5CWphQET+rmnlcJ8B1cSHgpG1ZTN6szlsQpiVgcRu/JYrgyzX9Y6WdY\nrAape6t+gsEeLOP7n9pZ/KYSadUF5CvYY/nX9H6kJO1RmG9y0A+8wAEuW+nSOMMJ\nvh2U09+y5XJHQqV0MMTKbnadxlyi8Oerc0zrYaoBuYhR7wmvkus=\n=R2OH\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          },
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "BID",
            "id": "104165"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17689"
          },
          {
            "db": "PACKETSTORM",
            "id": "148553"
          }
        ],
        "trust": 2.88
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-17689",
            "trust": 3.0
          },
          {
            "db": "BID",
            "id": "104165",
            "trust": 2.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#122919",
            "trust": 2.0
          },
          {
            "db": "JVN",
            "id": "JVNVU95575473",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "148553",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-108736",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17689",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17689"
          },
          {
            "db": "BID",
            "id": "104165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "PACKETSTORM",
            "id": "148553"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "id": "VAR-201805-0228",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108736"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-02-13T20:51:14.099000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Red Hat: CVE-2017-17689",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-17689"
          },
          {
            "title": "Efail-malleability-gadget-exploit",
            "trust": 0.1,
            "url": "https://github.com/jaads/efail-malleability-gadget-exploit "
          },
          {
            "title": "SecDB - Security Feeds",
            "trust": 0.1,
            "url": "https://github.com/giterlizzi/secdb-feeds "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2018/05/14/smime_pgp_encryption_flaw_emails_vulnerable_to_snooping/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-310",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://efail.de/"
          },
          {
            "trust": 1.9,
            "url": "https://efail.de/efail-attack-paper.pdf"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/104165"
          },
          {
            "trust": 1.8,
            "url": "https://www.synology.com/support/security/synology_sa_18_22"
          },
          {
            "trust": 1.8,
            "url": "https://efail.de"
          },
          {
            "trust": 1.8,
            "url": "https://news.ycombinator.com/item?id=17066419"
          },
          {
            "trust": 1.8,
            "url": "https://pastebin.com/gncc8aym"
          },
          {
            "trust": 1.8,
            "url": "https://twitter.com/matthew_d_green/status/996371541591019520"
          },
          {
            "trust": 1.2,
            "url": "https://www.kb.cert.org/vuls/id/122919"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17689"
          },
          {
            "trust": 0.8,
            "url": "https://tools.ietf.org/html/rfc4880"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17689"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17688"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu95575473/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17688"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577909"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-17689"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/jaads/efail-malleability-gadget-exploit"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12362"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12360"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12363"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12365"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12373"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5188"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12366"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12372"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12374"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12364"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12359"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/thunderbird"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17689"
          },
          {
            "db": "BID",
            "id": "104165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "PACKETSTORM",
            "id": "148553"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17689"
          },
          {
            "db": "BID",
            "id": "104165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "db": "PACKETSTORM",
            "id": "148553"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17689"
          },
          {
            "date": "2018-05-14T00:00:00",
            "db": "BID",
            "id": "104165"
          },
          {
            "date": "2018-05-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "date": "2018-07-14T12:12:00",
            "db": "PACKETSTORM",
            "id": "148553"
          },
          {
            "date": "2017-12-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          },
          {
            "date": "2018-05-16T19:29:00.303000",
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#122919"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108736"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17689"
          },
          {
            "date": "2018-05-14T00:00:00",
            "db": "BID",
            "id": "104165"
          },
          {
            "date": "2018-08-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012995"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          },
          {
            "date": "2019-10-03T00:03:26.223000",
            "db": "NVD",
            "id": "CVE-2017-17689"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenPGP and S/MIME mail client vulnerabilities",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#122919"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-724"
          }
        ],
        "trust": 0.6
      }
    }