Mail@2.2.0 Security Vulnerabilities and Issues — Mail@2.2.0 CVE List

Lucene search

NextcloudMail2.2.0

4 matches found

CVE•added 2023/02/06 9:15 p.m.•57 views

CVE-2023-23943

Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgra...

5CVSS4.4AI score0.00351EPSS

CVE•added 2023/10/16 7:15 p.m.•55 views

CVE-2023-45660

Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. ...

4.3CVSS4.5AI score0.0013EPSS

CVE•added 2023/05/27 5:15 a.m.•50 views

CVE-2023-33184

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3.

5.3CVSS4.5AI score0.00125EPSS

CVE•added 2024/11/15 6:15 p.m.•41 views

CVE-2024-52509

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. ...

5.7CVSS3.8AI score0.00063EPSS