vulnerability
FreeBSD: VID-127674C6-4A27-11ED-9F93-002B67DFC673: roundcube-thunderbird_labels -- RCE with custom label titles
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Oct 10, 2022 | Nov 4, 2022 | Feb 19, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 10, 2022
Added
Nov 4, 2022
Modified
Feb 19, 2025
Description
The Roundcube project reports:
Description:
Remote code execution vulnerability in
roundcube-thunderbird_labels when tb_label_modify_labels is enabled.
Workaround:
If you cannot upgrade to roundcube-thunderbird_labels-1.4.13 disable the
tb_label_modify_labels config option.
Solution
freebsd-upgrade-package-roundcube-thunderbird_labels
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.