Release | Version |
---|---|
jessie | 5.2.1+debian0-2+deb8u3 |
jessie (security) | 5.2.1+debian0-2+deb8u5 |
stretch | 5.2.13+debian0-1 |
buster | 5.2.20+debian0-1 |
bullseye | 5.2.21+debian0-1 |
sid | 5.2.21+debian0-1 |
Bug | jessie | stretch | buster | bullseye | sid | Description |
---|---|---|---|---|---|---|
CVE-2019-12095 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ... |
CVE-2019-12094 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ... |
CVE-2017-16907 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ... |
Bug | Description |
---|---|
TEMP-0785364-25992B | XSS in group administration |
CVE-2016-2228 | Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_me ... |
CVE-2015-7984 | Multiple cross-site request forgery (CSRF) vulnerabilities in Horde be ... |
CVE-2013-6365 | Horde Groupware Web mail 5.1.2 has CSRF with requests to change permis ... |
CVE-2013-6364 | Horde Groupware Webmail Edition has CSRF and XSS when saving search as ... |
CVE-2013-1090 | The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership fo ... |
DSA / DLA | Description |
---|---|
DLA-2033-1 | php-horde - security update |
DLA-1535-1 | php-horde - security update |
DSA-3497-1 | php-horde - security update |
DSA-3391-1 | php-horde - security update |