opensuse-su-2020:1516-1
Vulnerability from csaf_opensuse
Published
2020-09-24 12:21
Modified
2020-09-24 12:21
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
roundcubemail was upgraded to 1.3.15
This is a security update to the LTS version 1.3. (boo#1175135)
* Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
* Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content
From 1.3.14 (boo#1173792 -> CVE-2020-15562)
* Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace
From 1.3.13
* Installer: Fix regression in SMTP test section (#7417)
From 1.3.12
* Security: Better fix for CVE-2020-12641 (boo#1171148)
* Security: Fix XSS issue in template object 'username' (#7406)
* Security: Fix couple of XSS issues in Installer (#7406)
* Security: Fix cross-site scripting (XSS) via malicious XML attachment
From 1.3.11 (boo#1171148 -> CVE-2020-12641 boo#1171040 -> CVE-2020-12625 boo#1171149 -> CVE-2020-12640)
* Enigma: Fix compatibility with Mail_Mime >= 1.10.5
* Fix permissions on some folders created by bin/install-jsdeps.sh script (#6930)
* Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980)
* Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991)
* Fix PHP warning: 'array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003)
* Security: Fix XSS issue in handling of CDATA in HTML messages
* Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings
* Security: Fix local file inclusion (and code execution) via crafted 'plugins' option
* Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302)
From 1.3.10 (boo#1146286)
* Managesieve: Fix so 'Create filter' option does not show up when Filters menu is disabled (#6723)
* Enigma: Fix bug where revoked users/keys were not greyed out in key info
* Enigma: Fix error message when trying to encrypt with a revoked key (#6607)
* Enigma: Fix 'decryption oracle' bug [CVE-2019-10740] (#6638)
* Fix compatibility with kolab/net_ldap3 > 1.0.7 (#6785)
* Fix bug where bmp images couldn't be displayed on some systems (#6728)
* Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744)
* Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758)
* Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746)
* Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793)
* Fix bug where selection of columns on messages list wasn't working
* Fix bug in converting multi-page Tiff images to Jpeg (#6824)
* Fix wrong messages order after returning to a multi-folder search result (#6836)
* Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866)
* Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898)
* Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899)
* Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897)
* Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896)
From 1.3.9 (boo#1115718)
* Fix TinyMCE download location (#6694)
* Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494)
* Fix handling of empty entries in vCard import (#6564)
* Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577)
* Fix PHP 7.2 compatibility in debug_logger plugin (#6586)
* Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581)
* Fix so mime_content_type check in Installer uses files that should always
be available (i.e. from program/resources) (#6599)
* Fix missing CSRF token on a link to download too-big message part (#6621)
* Fix bug when aborting dragging with ESC key didn't stop the move action (#6623)
* Fix bug where next row wasn't selected after deleting a collapsed thread (#6655)
From 1.3.8
* Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374)
* Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383)
* Enigma: Fix deleting keys with authentication subkeys (#6381)
* Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398)
* Fix so Classic skin splitter does not escape out of window (#6397)
* Fix XSS issue in handling invalid style tag content (#6410)
* Fix compatibility with MySQL 8 - error on 'system' table use
* Managesieve: Fix bug where show_real_foldernames setting wasn't respected (#6422)
* New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419)
* Fix support for 'allow-from <uri>' in 'x_frame_options' config option (#6449)
* Fix bug where valid content between HTML comments could have been skipped in some cases (#6464)
* Fix multiple VCard field search (#6466)
* Fix session issue on long running requests (#6470)
From 1.3.7 (boo#1115719)
* Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244)
* Fix bug where some parts of quota information could have been ignored (#6280)
* Fix bug where some escape sequences in html styles could bypass security checks
* Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names
* Fix bug where only attachments with the same name would be ignored on zip download (#6301)
* Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299)
* Fix bug where after 'mark all folders as read' action message counters were not reset (#6307)
* Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289)
* Fix bug where some HTML comments could have been malformed by HTML parser (#6333)
Patchnames
openSUSE-2020-1516
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for roundcubemail",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for roundcubemail fixes the following issues:\n\nroundcubemail was upgraded to 1.3.15\n\nThis is a security update to the LTS version 1.3. (boo#1175135)\n\n * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]\n * Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content\n\nFrom 1.3.14 (boo#1173792 -\u003e CVE-2020-15562)\n\n * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace\n\nFrom 1.3.13\n\n * Installer: Fix regression in SMTP test section (#7417)\n\nFrom 1.3.12\n\n * Security: Better fix for CVE-2020-12641 (boo#1171148)\n * Security: Fix XSS issue in template object \u0027username\u0027 (#7406)\n * Security: Fix couple of XSS issues in Installer (#7406)\n * Security: Fix cross-site scripting (XSS) via malicious XML attachment\n\nFrom 1.3.11 (boo#1171148 -\u003e CVE-2020-12641 boo#1171040 -\u003e CVE-2020-12625 boo#1171149 -\u003e CVE-2020-12640)\n\n * Enigma: Fix compatibility with Mail_Mime \u003e= 1.10.5\n * Fix permissions on some folders created by bin/install-jsdeps.sh script (#6930)\n * Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980)\n * Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991)\n * Fix PHP warning: \u0027array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003)\n * Security: Fix XSS issue in handling of CDATA in HTML messages\n * Security: Fix remote code execution via crafted \u0027im_convert_path\u0027 or \u0027im_identify_path\u0027 settings\n * Security: Fix local file inclusion (and code execution) via crafted \u0027plugins\u0027 option\n * Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302)\n\nFrom 1.3.10 (boo#1146286)\n\n * Managesieve: Fix so \u0027Create filter\u0027 option does not show up when Filters menu is disabled (#6723)\n * Enigma: Fix bug where revoked users/keys were not greyed out in key info\n * Enigma: Fix error message when trying to encrypt with a revoked key (#6607)\n * Enigma: Fix \u0027decryption oracle\u0027 bug [CVE-2019-10740] (#6638) \n * Fix compatibility with kolab/net_ldap3 \u003e 1.0.7 (#6785)\n * Fix bug where bmp images couldn\u0027t be displayed on some systems (#6728)\n * Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744)\n * Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758)\n * Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746)\n * Fix bug where Next/Prev button in mail view didn\u0027t work with multi-folder search result (#6793)\n * Fix bug where selection of columns on messages list wasn\u0027t working\n * Fix bug in converting multi-page Tiff images to Jpeg (#6824)\n * Fix wrong messages order after returning to a multi-folder search result (#6836)\n * Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866)\n * Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898)\n * Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899)\n * Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897)\n * Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896)\n\nFrom 1.3.9 (boo#1115718)\n\n * Fix TinyMCE download location (#6694)\n * Fix bug where a message/rfc822 part without a filename wasn\u0027t listed on the attachments list (#6494)\n * Fix handling of empty entries in vCard import (#6564)\n * Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577)\n * Fix PHP 7.2 compatibility in debug_logger plugin (#6586)\n * Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581)\n * Fix so mime_content_type check in Installer uses files that should always\n be available (i.e. from program/resources) (#6599)\n * Fix missing CSRF token on a link to download too-big message part (#6621)\n * Fix bug when aborting dragging with ESC key didn\u0027t stop the move action (#6623)\n * Fix bug where next row wasn\u0027t selected after deleting a collapsed thread (#6655)\n\nFrom 1.3.8 \n\n * Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374)\n * Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383)\n * Enigma: Fix deleting keys with authentication subkeys (#6381)\n * Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398)\n * Fix so Classic skin splitter does not escape out of window (#6397)\n * Fix XSS issue in handling invalid style tag content (#6410)\n * Fix compatibility with MySQL 8 - error on \u0027system\u0027 table use\n * Managesieve: Fix bug where show_real_foldernames setting wasn\u0027t respected (#6422)\n * New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419)\n * Fix support for \u0027allow-from \u003curi\u003e\u0027 in \u0027x_frame_options\u0027 config option (#6449)\n * Fix bug where valid content between HTML comments could have been skipped in some cases (#6464)\n * Fix multiple VCard field search (#6466)\n * Fix session issue on long running requests (#6470)\n\nFrom 1.3.7 (boo#1115719)\n\n * Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244)\n * Fix bug where some parts of quota information could have been ignored (#6280)\n * Fix bug where some escape sequences in html styles could bypass security checks\n * Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names\n * Fix bug where only attachments with the same name would be ignored on zip download (#6301)\n * Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299)\n * Fix bug where after \u0027mark all folders as read\u0027 action message counters were not reset (#6307)\n * Enigma: [EFAIL] Don\u0027t decrypt PGP messages with no MDC protection (#6289)\n * Fix bug where some HTML comments could have been malformed by HTML parser (#6333)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1516",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1516-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1516-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3FA23YXQFYWKLULMWY4AOGET45U5NWC4/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1516-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3FA23YXQFYWKLULMWY4AOGET45U5NWC4/"
},
{
"category": "self",
"summary": "SUSE Bug 1115718",
"url": "https://bugzilla.suse.com/1115718"
},
{
"category": "self",
"summary": "SUSE Bug 1115719",
"url": "https://bugzilla.suse.com/1115719"
},
{
"category": "self",
"summary": "SUSE Bug 1146286",
"url": "https://bugzilla.suse.com/1146286"
},
{
"category": "self",
"summary": "SUSE Bug 1171040",
"url": "https://bugzilla.suse.com/1171040"
},
{
"category": "self",
"summary": "SUSE Bug 1171148",
"url": "https://bugzilla.suse.com/1171148"
},
{
"category": "self",
"summary": "SUSE Bug 1171149",
"url": "https://bugzilla.suse.com/1171149"
},
{
"category": "self",
"summary": "SUSE Bug 1173792",
"url": "https://bugzilla.suse.com/1173792"
},
{
"category": "self",
"summary": "SUSE Bug 1175135",
"url": "https://bugzilla.suse.com/1175135"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10740 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12625 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12640 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12641 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15562 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-16145 page",
"url": "https://www.suse.com/security/cve/CVE-2020-16145/"
}
],
"title": "Security update for roundcubemail",
"tracking": {
"current_release_date": "2020-09-24T12:21:24Z",
"generator": {
"date": "2020-09-24T12:21:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1516-1",
"initial_release_date": "2020-09-24T12:21:24Z",
"revision_history": [
{
"date": "2020-09-24T12:21:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
"product": {
"name": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
"product_id": "roundcubemail-1.3.15-bp152.4.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP1",
"product": {
"name": "SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1"
}
},
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP2",
"product": {
"name": "SUSE Package Hub 15 SP2",
"product_id": "SUSE Package Hub 15 SP2"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch"
},
"product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of SUSE Package Hub 15 SP2",
"product_id": "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
},
"product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch"
},
"product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
},
"product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10740"
}
],
"notes": [
{
"category": "general",
"text": "In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10740",
"url": "https://www.suse.com/security/cve/CVE-2019-10740"
},
{
"category": "external",
"summary": "SUSE Bug 1131801 for CVE-2019-10740",
"url": "https://bugzilla.suse.com/1131801"
},
{
"category": "external",
"summary": "SUSE Bug 1175135 for CVE-2019-10740",
"url": "https://bugzilla.suse.com/1175135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-24T12:21:24Z",
"details": "moderate"
}
],
"title": "CVE-2019-10740"
},
{
"cve": "CVE-2020-12625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12625"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12625",
"url": "https://www.suse.com/security/cve/CVE-2020-12625"
},
{
"category": "external",
"summary": "SUSE Bug 1171040 for CVE-2020-12625",
"url": "https://bugzilla.suse.com/1171040"
},
{
"category": "external",
"summary": "SUSE Bug 1175135 for CVE-2020-12625",
"url": "https://bugzilla.suse.com/1175135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-24T12:21:24Z",
"details": "moderate"
}
],
"title": "CVE-2020-12625"
},
{
"cve": "CVE-2020-12640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12640"
}
],
"notes": [
{
"category": "general",
"text": "Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12640",
"url": "https://www.suse.com/security/cve/CVE-2020-12640"
},
{
"category": "external",
"summary": "SUSE Bug 1171149 for CVE-2020-12640",
"url": "https://bugzilla.suse.com/1171149"
},
{
"category": "external",
"summary": "SUSE Bug 1175135 for CVE-2020-12640",
"url": "https://bugzilla.suse.com/1175135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-24T12:21:24Z",
"details": "critical"
}
],
"title": "CVE-2020-12640"
},
{
"cve": "CVE-2020-12641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12641"
}
],
"notes": [
{
"category": "general",
"text": "rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12641",
"url": "https://www.suse.com/security/cve/CVE-2020-12641"
},
{
"category": "external",
"summary": "SUSE Bug 1171148 for CVE-2020-12641",
"url": "https://bugzilla.suse.com/1171148"
},
{
"category": "external",
"summary": "SUSE Bug 1175135 for CVE-2020-12641",
"url": "https://bugzilla.suse.com/1175135"
},
{
"category": "external",
"summary": "SUSE Bug 1226069 for CVE-2020-12641",
"url": "https://bugzilla.suse.com/1226069"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-24T12:21:24Z",
"details": "critical"
}
],
"title": "CVE-2020-12641"
},
{
"cve": "CVE-2020-15562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15562"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15562",
"url": "https://www.suse.com/security/cve/CVE-2020-15562"
},
{
"category": "external",
"summary": "SUSE Bug 1173792 for CVE-2020-15562",
"url": "https://bugzilla.suse.com/1173792"
},
{
"category": "external",
"summary": "SUSE Bug 1175135 for CVE-2020-15562",
"url": "https://bugzilla.suse.com/1175135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-24T12:21:24Z",
"details": "moderate"
}
],
"title": "CVE-2020-15562"
},
{
"cve": "CVE-2020-16145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-16145"
}
],
"notes": [
{
"category": "general",
"text": "Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-16145",
"url": "https://www.suse.com/security/cve/CVE-2020-16145"
},
{
"category": "external",
"summary": "SUSE Bug 1175135 for CVE-2020-16145",
"url": "https://bugzilla.suse.com/1175135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
"openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-24T12:21:24Z",
"details": "moderate"
}
],
"title": "CVE-2020-16145"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…