Lucene search
GoogleOSV:CVE-2020-12641HistoryMay 04, 2020 - 3:15 p.m.
CVE-2020-12641
2020-05-0415:15:14
Google
osv.dev
3
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
| CPE | Name | Operator | Version |
|---|---|---|---|
| roundcubemail | eq | 1.4.3 | |
| roundcubemail | eq | 1.4.0 | |
| roundcubemail | eq | 1.4.1 | |
| roundcubemail | eq | 1.4.2 |
References
lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html
github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12641-Command%20Injection-Roundcube
github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3
github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4
github.com/roundcube/roundcubemail/releases/tag/1.4.4
roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
security.gentoo.org/glsa/202007-41
Related
cvelist
cvelist
CVE-2020-12641
2020-05-04 14:58:15
CVE-2024-37385
1976-01-01 00:00:00
cisa_kev
cisa_kev
Roundcube Webmail Remote Code Execution Vulnerability
2023-06-22 00:00:00
prion
prion
Design/Logic Flaw
2020-05-04 15:15:00
checkpoint_advisories
checkpoint_advisories
Roundcube Webmail Command Injection (CVE-2020-12641)
2020-08-17 00:00:00
debiancve
debiancve
CVE-2020-12641
2020-05-04 15:15:14
CVE-2024-37385
2024-06-07 04:15:30
ubuntucve
ubuntucve
CVE-2020-12641
2020-05-04 00:00:00
CVE-2024-37385
2024-06-11 00:00:00
osv
osv
BIT-roundcube-2020-12641
2024-03-06 11:06:02
CVE-2024-37385
2024-06-07 04:15:30
roundcube vulnerabilities
2022-08-08 06:30:29
attackerkb
attackerkb
CVE-2020-12641
2020-05-04 00:00:00
cve
cve
CVE-2020-12641
2020-05-04 15:15:14
CVE-2024-37385
2024-06-07 04:15:30
nvd
nvd
CVE-2020-12641
2020-05-04 15:15:14
CVE-2024-37385
2024-06-07 04:15:30
nessus
nessus
Fedora 31 : roundcubemail (2020-2a1a6a8432)
2020-06-22 00:00:00
Fedora 32 : roundcubemail (2020-aeffd92b77)
2020-06-22 00:00:00
GLSA-202007-41 : Roundcube: Multiple vulnerabilities
2020-07-27 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: roundcubemail-1.4.6-1.fc32
2020-06-19 01:05:19
[SECURITY] Fedora 31 Update: roundcubemail-1.4.6-1.fc31
2020-06-19 01:07:28
openvas
openvas
Fedora: Security Advisory for roundcubemail (FEDORA-2020-2a1a6a8432)
2020-06-23 00:00:00
Fedora: Security Advisory for roundcubemail (FEDORA-2020-aeffd92b77)
2020-06-23 00:00:00
Mageia: Security Advisory (MGASA-2020-0261)
2022-01-28 00:00:00
mageia
mageia
Updated roundcubemail packages fix security vulnerability
2020-06-15 10:54:40
securelist
securelist
Advanced threat predictions for 2024
2023-11-14 10:00:24
suse
suse
Security update for roundcubemail (important)
2022-10-17 00:00:00
Security update for roundcubemail (moderate)
2020-09-24 00:00:00
thn
thn
Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers
2023-06-26 10:54:00
gentoo
gentoo
Roundcube: Multiple vulnerabilities
2020-07-27 00:00:00
ubuntu
ubuntu
Roundcube Webmail vulnerabilities
2022-08-08 00:00:00