[SECURITY] Fedora 42 Update: roundcubemail-1.6.12-1.fc42

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 43 Update: roundcubemail-1.6.12-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Fedora 43 : roundcubemail (2025-58eb59741f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-58eb59741f advisory. Release 1.6.12 - Support IPv6 in database DSN 9937 - Don't force specific errorreporting setting - Fix compatibility with PHP 8.5 regarding arrayfir...

Fedora: Security Advisory (FEDORA-2025-fec36f9eaf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : roundcubemail (2025-fec36f9eaf)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-fec36f9eaf advisory. Release 1.6.12 - Support IPv6 in database DSN 9937 - Don't force specific errorreporting setting - Fix compatibility with PHP 8.5 regarding arrayfir...

MGASA-2025-0332 Updated roundcubemail packages fix security vulnerabilities

Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike. Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev...

Updated roundcubemail packages fix security vulnerabilities

Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike. Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev...

Debian: Security Advisory (DSA-6087-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 6087-1] roundcube security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6087-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2025 https://www.debian.org/security/faq -...

Exploit for CVE-2025-68461

CVE-2025-68461 Roundcube Webmail before 1.5.12 and 1.6 befor...

SUSE CVE-2025-68460

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a information disclosure vulnerability in the HTML style sanitizer...

SUSE CVE-2025-68461

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting XSS vulnerability via the animate tag in an SVG document...

Debian: Security Advisory (DLA-4415-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-6087-1 roundcube - security update

Bulletin has no description...

Debian dsa-6087 : roundcube - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6087 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6087-1 [email protected]...

[SECURITY] [DLA 4415-1] roundcube security update

Debian LTS Advisory DLA-4415-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 18, 2025 https://wiki.debian.org/LTS Package : roundcube Version : 1.4.15+dfsg.1-1+deb11u6 CVE ID : CVE-2025-68460 CVE-2025-68461 Debian Bug : 1122899 Vulnerabilities were...

CVE-2025-68460

A flaw was found in Roundcube Webmail. This information disclosure vulnerability resides within the HTML style sanitizer, potentially allowing an attacker to gain unauthorized access to sensitive information. The vulnerability is triggered by improper handling of HTML styles...

CVE-2025-68461

Roundcube Webmail contains a Cross-Site Scripting XSS vulnerability in its SVG handling. The application fails to properly sanitize the tag within SVG documents, allowing attackers to inject malicious scripts, potentially enabling session hijacking, credential theft, or unauthorized actions on...

EUVD-2025-204035

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting XSS vulnerability via the animate tag in an SVG document...

EUVD-2025-204036

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a information disclosure vulnerability in the HTML style sanitizer...