Mail Security Vulnerabilities and Issues — Mail CVE List

Lucene search

NextcloudMail

3 matches found

CVE•added 2023/02/06 9:15 p.m.•56 views

CVE-2023-23943

Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgra...

5CVSS4.4AI score0.00351EPSS

CVE•added 2023/05/27 5:15 a.m.•49 views

CVE-2023-33184

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3.

5.3CVSS4.5AI score0.00125EPSS

CVE•added 2023/02/13 9:15 p.m.•46 views

CVE-2023-25160

Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nex...

5.3CVSS4.8AI score0.00195EPSS