Libraesva ESG 4.5 < 5.0.31 / 5.1.20 / 5.2.31 / 5.3.16 / 5.4.8 / 5.5.7 Command Injection (CVE-2025-59689)

The version of Libraesva ESG installed on the remote host is affected by a command injection flaw as referenced in the CVE-2025-59689 advisory. The vulnerability is triggered by an improper sanitization mechanism when removing active code from specific compressed archive formats. An attacker can...

VulnCheck KEV: CVE-2025-59689

Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.31. For ESG 5.1 a fix has been released in 5.1.20. For ESG 5.2 a fix has been released in 5.2.31. For ESG 5.4 a fix has been released in 5.4.8. For...

CVE-2025-59689

Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.31. For ESG 5.1 a fix has been released in 5.1.20. For ESG 5.2 a fix has been released in 5.2.31. For ESG 5.4 a fix has been released in 5.4.8. For...

CVE-2025-59689

Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.31. For ESG 5.1 a fix has been released in 5.1.20. For ESG 5.2 a fix has been released in 5.2.31. For ESG 5.4 a fix has been released in 5.4.8. For...

CVE-2025-59689

Libraesva ESG is affected by CVE-2025-59689. The vulnerability allows command injection via a specially crafted compressed email attachment, impacting ESG 4.5 through 5.5.x prior to fixed versions. Affected fixes are: ESG 5.0.31, ESG 5.1.20, ESG 5.2.31, ESG 5.4.8, and ESG 5.5.7 (with older 4.5–5....

PT-2025-38625

Name of the Vulnerable Software and Affected Versions Libraesva Email Security Gateway versions 4.5 through 5.5.x before 5.5.7 Libraesva Email Security Gateway version 5.0 through 5.0.31 Libraesva Email Security Gateway version 5.1 through 5.1.20 Libraesva Email Security Gateway version 5.2 throu...