Information on source package sogo

Available versions

ReleaseVersion
buster4.0.7-1+deb10u2
bullseye5.0.1-4+deb11u1
bookworm5.8.0-1
trixie5.10.0-2
sid5.10.0-2

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2024-34462vulnerable (no DSA, postponed)vulnerablevulnerablevulnerablevulnerableAlinto SOGo through 5.10.0 allows XSS during attachment preview.
CVE-2023-48104vulnerable (no DSA, ignored)vulnerablevulnerablefixedfixedAlinto SOGo before 5.9.1 is vulnerable to HTML Injection.
CVE-2022-4558vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA vulnerability was found in Alinto SOGo up to 5.7.1. It has been clas ...
CVE-2022-4556vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA vulnerability was found in Alinto SOGo up to 5.7.1 and classified as ...

Resolved issues

BugDescription
CVE-2021-33054SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not valida ...
CVE-2020-22402Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 ...
CVE-2016-6191Multiple cross-site scripting (XSS) vulnerabilities in the View Raw So ...
CVE-2016-6190SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to th ...
CVE-2016-6189Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows ...
CVE-2016-6188Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of ...
CVE-2015-5395Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.
CVE-2014-9905Multiple cross-site scripting (XSS) vulnerabilities in the Web Calenda ...

Security announcements

DSA / DLADescription
DSA-5029-1sogo - security update
DLA-2707-1sogo - security update

Search for package or bug name: Reporting problems