vulnerability
FreeBSD: VID-127674c6-4a27-11ed-9f93-002b67dfc673: roundcube-thunderbird_labels -- RCE with custom label titles
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Oct 12, 2022 | Nov 4, 2022 | Dec 10, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 12, 2022
Added
Nov 4, 2022
Modified
Dec 10, 2025
Description
The Roundcube project reports: Description: Remote code execution vulnerability in roundcube-thunderbird_labels when tb_label_modify_labels is enabled. Workaround: If you cannot upgrade to roundcube-thunderbird_labels-1.4.13 disable the tb_label_modify_labels config option.
Solution
freebsd-upgrade-package-roundcube-thunderbird_labels
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.