Search for packages
| purl | pkg:deb/debian/roundcube@1.1.5%2Bdfsg.1-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-brmp-djyb-q3b7 | Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors. |
CVE-2016-4069
|
| VCID-spk8-q616-rkda | Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068. |
CVE-2015-8864
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:47:12.068612+00:00 | Debian Importer | Fixing | VCID-spk8-q616-rkda | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T10:20:20.130743+00:00 | Debian Importer | Fixing | VCID-brmp-djyb-q3b7 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:02:18.281312+00:00 | Debian Importer | Fixing | VCID-spk8-q616-rkda | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T06:57:41.502375+00:00 | Debian Importer | Fixing | VCID-brmp-djyb-q3b7 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:52:07.547706+00:00 | Debian Importer | Fixing | VCID-brmp-djyb-q3b7 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:52:07.456728+00:00 | Debian Importer | Fixing | VCID-spk8-q616-rkda | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |