PT-2019-14031 · Roundcube+4 · Roundcube Webmail+4

Julio Cesar Fort

·

Publicado

2019-08-20

·

Atualizado

2026-04-29

·

CVE-2019-15237

CVSS v3.1

7.4

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions prior to 1.4.0
Description The issue is related to how Roundcube Webmail handles Punycode xn-- domain names, which can lead to homograph attacks.
Recommendations For versions prior to 1.4.0, update to version 1.4.0 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2019-2818
ALT-PU-2019-2946
CVE-2019-15237
MGASA-2019-0420
USN-8223-1

Produtos afetados

Alt Linux
Debian
Linuxmint
Roundcube Webmail
Ubuntu