Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/roundcube@0?distro=trixie

Type deb

Namespace debian

Name roundcube

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.1~rc2-6

Latest_non_vulnerable_version 1.6.15+dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3rza-7fvy-guce

vulnerability_id VCID-3rza-7fvy-guce

summary Roundcube Webmail: Unsafe deserialization in the redis/memcache session handler

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-35537

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04547
published_at	2026-04-21T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08646
published_at	2026-04-04T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08564
published_at	2026-04-07T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08637
published_at	2026-04-08T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12111
published_at	2026-04-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12104
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13303
published_at	2026-04-18T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14317
published_at	2026-04-13T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14373
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-35537

reference_url

https://github.com/roundcube/roundcubemail

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/roundcube/roundcubemail

reference_url

https://github.com/roundcube/roundcubemail/commit/618c5428edc69fb088e7ac6c89e506dd39df3

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:34Z/

url

https://github.com/roundcube/roundcubemail/commit/618c5428edc69fb088e7ac6c89e506dd39df3

reference_url

https://github.com/roundcube/roundcubemail/commit/6d586cfa4d8a31f7957f7a445aaedd52592a0e74

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:34Z/

url

https://github.com/roundcube/roundcubemail/commit/6d586cfa4d8a31f7957f7a445aaedd52592a0e74

reference_url

https://github.com/roundcube/roundcubemail/commit/a4ead994d2f0ea92e4a1603196a197e0d5df1620

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:34Z/

url

https://github.com/roundcube/roundcubemail/commit/a4ead994d2f0ea92e4a1603196a197e0d5df1620

reference_url

https://github.com/roundcube/roundcubemail/releases/tag/1.5.14

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:34Z/

url

https://github.com/roundcube/roundcubemail/releases/tag/1.5.14

reference_url

https://github.com/roundcube/roundcubemail/releases/tag/1.6.14

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:34Z/

url

https://github.com/roundcube/roundcubemail/releases/tag/1.6.14

reference_url

https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:34Z/

url

https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5

reference_url

https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:34Z/

url

https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14

reference_url

http://www.openwall.com/lists/oss-security/2026/04/11/6

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/11/6

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id	1131182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-35537

reference_id

CVE-2026-35537

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-35537

reference_url

https://github.com/advisories/GHSA-rxj3-rrwm-pj4r

reference_id

GHSA-rxj3-rrwm-pj4r

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rxj3-rrwm-pj4r

fixed_packages

url	pkg:deb/debian/roundcube@0?distro=trixie
purl	pkg:deb/debian/roundcube@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rdb5-bbvn-7fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u8?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u8%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.13%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.14%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.14%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2026-35537, GHSA-rxj3-rrwm-pj4r

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rza-7fvy-guce

url VCID-am6h-k37a-j3au

vulnerability_id VCID-am6h-k37a-j3au

summary Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-5646

reference_id

reference_type

scores

value	0.00159
scoring_system	epss
scoring_elements	0.36672
published_at	2026-04-01T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36827
published_at	2026-04-02T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36859
published_at	2026-04-04T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36695
published_at	2026-04-07T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36745
published_at	2026-04-08T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36762
published_at	2026-04-09T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36771
published_at	2026-04-11T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36736
published_at	2026-04-12T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.3671
published_at	2026-04-13T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36755
published_at	2026-04-16T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36737
published_at	2026-04-18T12:55:00Z

value	0.00159
scoring_system	epss
scoring_elements	0.36678
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-5646

fixed_packages

url	pkg:deb/debian/roundcube@0?distro=trixie
purl	pkg:deb/debian/roundcube@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rdb5-bbvn-7fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.13%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2013-5646

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-am6h-k37a-j3au

url VCID-cqkb-9pzc-skf1

vulnerability_id VCID-cqkb-9pzc-skf1

summary Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3507

reference_id

reference_type

scores

value	0.00407
scoring_system	epss
scoring_elements	0.61166
published_at	2026-04-21T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61014
published_at	2026-04-01T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61091
published_at	2026-04-02T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61119
published_at	2026-04-04T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61085
published_at	2026-04-07T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61134
published_at	2026-04-08T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61149
published_at	2026-04-09T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.6117
published_at	2026-04-11T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61156
published_at	2026-04-12T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61137
published_at	2026-04-13T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61178
published_at	2026-04-16T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61184
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3507

reference_url	http://secunia.com/advisories/50212
reference_id
reference_type
scores
url	http://secunia.com/advisories/50212

reference_url	http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.8.0/
reference_id
reference_type
scores
url	http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.8.0/

reference_url	http://trac.roundcube.net/ticket/1488519
reference_id
reference_type
scores
url	http://trac.roundcube.net/ticket/1488519

reference_url	http://www.openwall.com/lists/oss-security/2012/08/20/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/20/2

reference_url	http://www.openwall.com/lists/oss-security/2012/08/20/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/20/3

reference_url	http://www.openwall.com/lists/oss-security/2012/08/20/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/20/9

reference_url	http://www.securelist.com/en/advisories/50212
reference_id
reference_type
scores
url	http://www.securelist.com/en/advisories/50212

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail::::::::
reference_id	cpe:2.3:a:roundcube:webmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20050811::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:20050811::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20050811::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20050820::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:20050820::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20050820::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20051007::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:20051007::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20051007::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20051021::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:20051021::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:20051021::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:alpha::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:alpha::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:alpha::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta2::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc1::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc2::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:stable::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:stable::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:stable::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:alpha::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.2:alpha::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:alpha::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.2:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:stable::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.2:stable::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:stable::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.3:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:rc1::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:stable::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.3:stable::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:stable::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.4:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.3:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.4:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.5:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:rc::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.5:rc::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:rc::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.6:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-3507

reference_id

CVE-2012-3507

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-3507

fixed_packages

url	pkg:deb/debian/roundcube@0?distro=trixie
purl	pkg:deb/debian/roundcube@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rdb5-bbvn-7fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.13%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2012-3507

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cqkb-9pzc-skf1

url VCID-eewu-36xn-myf9

vulnerability_id VCID-eewu-36xn-myf9

summary Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via im_convert_path and im_identify_path. NOTE: this issue exists because of an incomplete fix for CVE-2020-12641.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-37385

reference_id

reference_type

scores

value	0.00832
scoring_system	epss
scoring_elements	0.74608
published_at	2026-04-21T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74577
published_at	2026-04-09T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.746
published_at	2026-04-11T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74581
published_at	2026-04-12T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74572
published_at	2026-04-13T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74609
published_at	2026-04-16T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74617
published_at	2026-04-18T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74528
published_at	2026-04-02T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74555
published_at	2026-04-04T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74529
published_at	2026-04-07T12:55:00Z

value	0.00832
scoring_system	epss
scoring_elements	0.74561
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-37385

reference_url

https://github.com/roundcube/roundcubemail/releases/tag/1.5.7

reference_id

1.5.7

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-29T14:19:33Z/

url

https://github.com/roundcube/roundcubemail/releases/tag/1.5.7

reference_url

https://github.com/roundcube/roundcubemail/releases/tag/1.6.7

reference_id

1.6.7

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-29T14:19:33Z/

url

https://github.com/roundcube/roundcubemail/releases/tag/1.6.7

reference_url

https://github.com/roundcube/roundcubemail/commit/5ea9f37ce39374b6124586c0590fec7015d35d7f

reference_id

5ea9f37ce39374b6124586c0590fec7015d35d7f

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-29T14:19:33Z/

url

https://github.com/roundcube/roundcubemail/commit/5ea9f37ce39374b6124586c0590fec7015d35d7f

fixed_packages

url	pkg:deb/debian/roundcube@0?distro=trixie
purl	pkg:deb/debian/roundcube@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rdb5-bbvn-7fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.13%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-37385

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eewu-36xn-myf9

url VCID-jkut-q94f-sbd5

vulnerability_id VCID-jkut-q94f-sbd5

summary roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1), allows remote attackers to obtain the full path of the application via an invalid_task parameter, which leaks the path in an error message.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-4368

reference_id

reference_type

scores

value	0.00346
scoring_system	epss
scoring_elements	0.5715
published_at	2026-04-21T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57031
published_at	2026-04-01T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57125
published_at	2026-04-02T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57147
published_at	2026-04-13T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57123
published_at	2026-04-07T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57174
published_at	2026-04-08T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57177
published_at	2026-04-09T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57188
published_at	2026-04-11T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57167
published_at	2026-04-12T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57175
published_at	2026-04-16T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57171
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-4368

reference_url	http://www.securityfocus.com/archive/1/418851/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/418851/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/419710/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/419710/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/422168/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/422168/100/0/threaded

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:-:alpha::::::
reference_id	cpe:2.3:a:roundcube:webmail:-:alpha::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:-:alpha::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-4368

reference_id

CVE-2005-4368

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2005-4368

fixed_packages

url	pkg:deb/debian/roundcube@0?distro=trixie
purl	pkg:deb/debian/roundcube@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rdb5-bbvn-7fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.13%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2005-4368

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jkut-q94f-sbd5

url VCID-p1fk-9wdh-83ae

vulnerability_id VCID-p1fk-9wdh-83ae

summary Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5383

reference_id

reference_type

scores

value	0.01804
scoring_system	epss
scoring_elements	0.82745
published_at	2026-04-01T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82761
published_at	2026-04-02T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82774
published_at	2026-04-04T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82771
published_at	2026-04-07T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82797
published_at	2026-04-08T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82803
published_at	2026-04-09T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82819
published_at	2026-04-11T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82815
published_at	2026-04-12T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.8281
published_at	2026-04-13T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82849
published_at	2026-04-16T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82848
published_at	2026-04-18T12:55:00Z

value	0.01804
scoring_system	epss
scoring_elements	0.82851
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5383

fixed_packages

url	pkg:deb/debian/roundcube@0?distro=trixie
purl	pkg:deb/debian/roundcube@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rdb5-bbvn-7fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.13%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2015-5383

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1fk-9wdh-83ae

url VCID-q7hf-9w59-n3an

vulnerability_id VCID-q7hf-9w59-n3an

summary Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.8.5 allows remote attackers to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00051.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00051.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-09/msg00018.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-09/msg00018.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-6121

reference_id

reference_type

scores

value	0.00407
scoring_system	epss
scoring_elements	0.61166
published_at	2026-04-21T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61014
published_at	2026-04-01T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61091
published_at	2026-04-02T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61119
published_at	2026-04-04T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61085
published_at	2026-04-07T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61134
published_at	2026-04-08T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61149
published_at	2026-04-09T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.6117
published_at	2026-04-11T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61156
published_at	2026-04-12T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61137
published_at	2026-04-13T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61178
published_at	2026-04-16T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61184
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-6121

reference_url	https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba
reference_id
reference_type
scores
url	https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba

reference_url	http://sourceforge.net/news/?group_id=139281&id=310213
reference_id
reference_type
scores
url	http://sourceforge.net/news/?group_id=139281&id=310213

reference_url	http://trac.roundcube.net/ticket/1488850
reference_id
reference_type
scores
url	http://trac.roundcube.net/ticket/1488850

reference_url	http://www.openwall.com/lists/oss-security/2013/02/08/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/02/08/1

reference_url	http://www.securityfocus.com/bid/57849
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/57849

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail::::::::
reference_id	cpe:2.3:a:roundcube:webmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta2::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc1::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc2::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:stable::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.1:stable::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.1:stable::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:alpha::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.2:alpha::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:alpha::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.2:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:stable::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.2:stable::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.2:stable::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.3:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:rc1::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:stable::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.3:stable::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.3:stable::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.4:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.4:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.3:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.4:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:beta::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.5:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:rc::::::
reference_id	cpe:2.3:a:roundcube:webmail:0.5:rc::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.5:rc::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.6:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.3:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.0:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.1:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.2:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.3:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:0.8.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-6121

reference_id

CVE-2012-6121

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-6121

fixed_packages

url	pkg:deb/debian/roundcube@0?distro=trixie
purl	pkg:deb/debian/roundcube@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rdb5-bbvn-7fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.13%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.13%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/roundcube@1.6.15%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2012-6121

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q7hf-9w59-n3an

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@0%3Fdistro=trixie

Package Instance