GHSA-RFQ9-4WCM-64GH ImapEngine affected by command injection via the ID command parameters

Versions of the package directorytree/imapengine before 1.22.3 are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the id function in ImapConnection.php due to improperly escaping user input before including it in IMAP ID commands...

CVE-2026-2469

Versions of the package directorytree/imapengine before 1.22.3 are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the id function in ImapConnection.php due to improperly escaping user input before including it in IMAP ID commands...

CVE-2026-2469

Versions of the package directorytree/imapengine before 1.22.3 are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the id function in ImapConnection.php due to improperly escaping user input before including it in IMAP ID commands...

PT-2026-8056

Name of the Vulnerable Software and Affected Versions directorytree/imapengine versions prior to 1.22.3 Description The software contains a flaw due to improper handling of user-supplied data before it is used in IMAP ID commands within the ImapConnection.php file. Specifically, the id function...

EUVD-2008-3435

Malware in sbrugna...

CVE-2021-29969

If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for...

OPENSUSE-SU-2020:2158-1 Security update for neomutt

This update for neomutt fixes the following issues: Update neomutt to 20201120. Address boo1179035, CVE-2020-28896. Security - imap: close connection on all failures Features - alias: add function to Alias/Query dialogs - config: add validators for imap,smtp,popauthenticators - config: warn when...

Debian DSA-4702-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Fedora 22 : roundcubemail-1.1.2-1.fc22 (2015-11405)

Release 1.1.2 - Add new plugin hook 'identitycreateafter' providing the ID of the inserted identity 1490358 - Add option to place signature at bottom of the quoted text even in top-posting mode sigbelow - Fix handling of %-encoded entities in mailto: URLs 1490346 - Fix zipped messages downloads...