CVE-2020-14932

Опубликовано: 20 июн. 2020

Источник: debian

EPSS Низкий

Описание

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
squirrelmail	removed			package

Примечания

https://www.openwall.com/lists/oss-security/2020/06/20/1

EPSS

Процентиль: 64%

0.00468

Низкий

Связанные уязвимости

CVE-2020-14932

CVSS3: 9.8

ubuntu

больше 5 лет назад

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.

CVE-2020-14932

CVSS3: 6.3

redhat

больше 5 лет назад

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.

CVE-2020-14932

CVSS3: 9.8

nvd

больше 5 лет назад

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.

GHSA-96wg-f4w5-jcvj

github

больше 3 лет назад

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.

EPSS

Процентиль: 64%

0.00468

Низкий