The vulnerability of the im_convert_path/im_identify_path function in the RoundCube Webmail client allows a hacker to exploit their privileges.

The vulnerability of the imconvertpath/imidentifypath function in the RoundCube Webmail email client is related to the lack of measures taken at the administrative level to clean up data. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

SUSE CVE-2024-37385

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via imconvertpath and imidentifypath. NOTE: this issue exists because of an incomplete fix for CVE-2020-12641...

DEBIAN-CVE-2023-51886

Buffer Overflow vulnerability in the main function in Mathtex 1.05 and before allows a remote attacker to cause a denial of service when using \convertpath...

SUSE CVE-2021-38593

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke...

OESA-2022-2060 qt5-qtbase security update

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. Security Fixes: Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and...