Release | Version |
---|---|
bullseye | 5.0.1-4+deb11u1 |
bookworm | 5.8.0-1 |
trixie | 5.11.0-2 |
sid | 5.11.0-2 |
Bug | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|
CVE-2024-34462 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | Alinto SOGo through 5.10.0 allows XSS during attachment preview. |
CVE-2024-24510 | vulnerable | vulnerable | fixed | fixed | Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows ... |
CVE-2023-48104 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | Alinto SOGo before 5.9.1 is vulnerable to HTML Injection. |
CVE-2022-4558 | vulnerable (no DSA) | fixed | fixed | fixed | A vulnerability was found in Alinto SOGo up to 5.7.1. It has been clas ... |
CVE-2022-4556 | vulnerable (no DSA) | fixed | fixed | fixed | A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as ... |
Bug | Description |
---|---|
CVE-2021-33054 | SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not valida ... |
CVE-2020-22402 | Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 ... |
CVE-2016-6191 | Multiple cross-site scripting (XSS) vulnerabilities in the View Raw So ... |
CVE-2016-6190 | SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to th ... |
CVE-2016-6189 | Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows ... |
CVE-2016-6188 | Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of ... |
CVE-2015-5395 | Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0. |
CVE-2014-9905 | Multiple cross-site scripting (XSS) vulnerabilities in the Web Calenda ... |
DSA / DLA | Description |
---|---|
DSA-5029-1 | sogo - security update |
DLA-2707-1 | sogo - security update |