{"url":"http://public2.vulnerablecode.io/api/packages/102324?format=json","purl":"pkg:deb/debian/roundcube@1.6.8%2Bdfsg-1?distro=trixie","type":"deb","namespace":"debian","name":"roundcube","version":"1.6.8+dfsg-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.6.11+dfsg-1","latest_non_vulnerable_version":"1.6.16+dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40957?format=json","vulnerability_id":"VCID-8s13-v3gv-efhj","summary":"A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42008","reference_id":"","reference_type":"","scores":[{"value":"0.50951","scoring_system":"epss","scoring_elements":"0.97928","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969","reference_id":"1077969","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases/tag/1.5.8","reference_id":"1.5.8","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.5.8"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases/tag/1.6.8","reference_id":"1.6.8","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.6.8"},{"reference_url":"https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/","reference_id":"government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/"}],"url":"https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases","reference_id":"releases","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases"},{"reference_url":"https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8","reference_id":"security-updates-1.6.8-and-1.5.8","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/"}],"url":"https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8"},{"reference_url":"https://usn.ubuntu.com/8223-1/","reference_id":"USN-8223-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8223-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102269?format=json","purl":"pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f6bd-3n2d-2fd3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102323?format=json","purl":"pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102267?format=json","purl":"pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102324?format=json","purl":"pkg:deb/debian/roundcube@1.6.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102271?format=json","purl":"pkg:deb/debian/roundcube@1.6.15%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102270?format=json","purl":"pkg:deb/debian/roundcube@1.6.16%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.16%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2024-42008"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8s13-v3gv-efhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41098?format=json","vulnerability_id":"VCID-p4n3-6w9k-akde","summary":"A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42009","reference_id":"","reference_type":"","scores":[{"value":"0.91411","scoring_system":"epss","scoring_elements":"0.9968","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969","reference_id":"1077969","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases/tag/1.5.8","reference_id":"1.5.8","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.5.8"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases/tag/1.6.8","reference_id":"1.6.8","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.6.8"},{"reference_url":"https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/","reference_id":"government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/"}],"url":"https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases","reference_id":"releases","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases"},{"reference_url":"https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8","reference_id":"security-updates-1.6.8-and-1.5.8","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/"}],"url":"https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8"},{"reference_url":"https://usn.ubuntu.com/7636-1/","reference_id":"USN-7636-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7636-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102269?format=json","purl":"pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f6bd-3n2d-2fd3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102323?format=json","purl":"pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102267?format=json","purl":"pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102324?format=json","purl":"pkg:deb/debian/roundcube@1.6.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102271?format=json","purl":"pkg:deb/debian/roundcube@1.6.15%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102270?format=json","purl":"pkg:deb/debian/roundcube@1.6.16%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.16%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2024-42009"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4n3-6w9k-akde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41133?format=json","vulnerability_id":"VCID-rn93-e1k8-cycs","summary":"mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42010","reference_id":"","reference_type":"","scores":[{"value":"0.15089","scoring_system":"epss","scoring_elements":"0.94741","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969","reference_id":"1077969","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases/tag/1.5.8","reference_id":"1.5.8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.5.8"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases/tag/1.6.8","reference_id":"1.6.8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.6.8"},{"reference_url":"https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/","reference_id":"government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/"}],"url":"https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/"},{"reference_url":"https://github.com/roundcube/roundcubemail/releases","reference_id":"releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/"}],"url":"https://github.com/roundcube/roundcubemail/releases"},{"reference_url":"https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8","reference_id":"security-updates-1.6.8-and-1.5.8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/"}],"url":"https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8"},{"reference_url":"https://usn.ubuntu.com/8223-1/","reference_id":"USN-8223-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8223-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102269?format=json","purl":"pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f6bd-3n2d-2fd3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102323?format=json","purl":"pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102267?format=json","purl":"pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102324?format=json","purl":"pkg:deb/debian/roundcube@1.6.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102271?format=json","purl":"pkg:deb/debian/roundcube@1.6.15%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.15%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102270?format=json","purl":"pkg:deb/debian/roundcube@1.6.16%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.16%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2024-42010"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rn93-e1k8-cycs"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.8%252Bdfsg-1%3Fdistro=trixie"}