Lucene search
GoogleOSV:BIT-ROUNDCUBE-2020-12641HistoryMar 06, 2024 - 11:06 a.m.
BIT-roundcube-2020-12641
2024-03-0611:06:02
Google
osv.dev
3
bit-roundcube-2020-12641
roundcube webmail
arbitrary code
shell metacharacters
configuration setting
im_convert_path
im_identify_path
software
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
References
lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html
github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12641-Command%20Injection-Roundcube
github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3
github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4
github.com/roundcube/roundcubemail/releases/tag/1.4.4
roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
security.gentoo.org/glsa/202007-41
Related
cvelist
cvelist
CVE-2020-12641
2020-05-04 14:58:15
cisa_kev
cisa_kev
Roundcube Webmail Remote Code Execution Vulnerability
2023-06-22 00:00:00
debiancve
debiancve
CVE-2020-12641
2020-05-04 15:15:00
ubuntucve
ubuntucve
CVE-2020-12641
2020-05-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Roundcube Webmail Command Injection (CVE-2020-12641)
2020-08-17 00:00:00
prion
prion
Design/Logic Flaw
2020-05-04 15:15:00
attackerkb
attackerkb
CVE-2020-12641
2020-05-04 00:00:00
cve
cve
CVE-2020-12641
2020-05-04 15:15:00
osv
osv
CVE-2020-12641
2020-05-04 15:15:14
roundcube vulnerabilities
2022-08-08 06:30:29
nessus
nessus
Fedora 31 : roundcubemail (2020-2a1a6a8432)
2020-06-22 00:00:00
Fedora 32 : roundcubemail (2020-aeffd92b77)
2020-06-22 00:00:00
GLSA-202007-41 : Roundcube: Multiple vulnerabilities
2020-07-27 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: roundcubemail-1.4.6-1.fc32
2020-06-19 01:05:19
[SECURITY] Fedora 31 Update: roundcubemail-1.4.6-1.fc31
2020-06-19 01:07:28
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0261)
2022-01-28 00:00:00
Fedora: Security Advisory for roundcubemail (FEDORA-2020-2a1a6a8432)
2020-06-23 00:00:00
Fedora: Security Advisory for roundcubemail (FEDORA-2020-aeffd92b77)
2020-06-23 00:00:00
mageia
mageia
Updated roundcubemail packages fix security vulnerability
2020-06-15 10:54:40
suse
suse
Security update for roundcubemail (important)
2022-10-17 00:00:00
Security update for roundcubemail (moderate)
2020-09-24 00:00:00
securelist
securelist
Advanced threat predictions for 2024
2023-11-14 10:00:24
thn
thn
Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers
2023-06-26 10:54:00
gentoo
gentoo
Roundcube: Multiple vulnerabilities
2020-07-27 00:00:00
ubuntu
ubuntu
Roundcube Webmail vulnerabilities
2022-08-08 00:00:00
7.7 High
AI Score
Confidence
Low
0.123 Low
EPSS
Percentile
95.4%
Related for OSV:BIT-ROUNDCUBE-2020-12641