MGASA-2017-0409
- Source
- https://advisories.mageia.org/MGASA-2017-0409.html
- Import Source
- https://advisories.mageia.org/MGASA-2017-0409.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2017-0409
- Related
- Published
- 2017-11-16T07:39:32Z
- Modified
- 2017-11-16T07:09:40Z
- Summary
- Updated roundcubemail packages fix security vulnerability
- Details
-
It was discovered that roundcubemail contained a zero-day file disclosure vulnerability caused by insuficient input validation which was currently being exploited by hackers to read roundcube's configuration files and steal its database credentials (CVE-2017-16651).
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / roundcubemail
Package
- Name
- roundcubemail
- Purl
- pkg:rpm/mageia/roundcubemail?distro=mageia-5
Mageia:6 / roundcubemail
Package
- Name
- roundcubemail
- Purl
- pkg:rpm/mageia/roundcubemail?distro=mageia-6