FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

roundcube -- IMAP command injection vulnerability

Affected packages
roundcube <= 1.3.5,1


VuXML ID 48894ca9-3e6f-11e8-92f0-f0def167eeea
Discovery 2018-04-11
Entry 2018-04-13

Upstream reports:

This update primarily fixes a recently discovered IMAP-cmd-injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under CVE-2018-9846.


CVE Name CVE-2018-9846