CVE-2018-1000071
Published: 2018-03-13
Priority: P3 (39) · Severity: high · CVSS 3.0: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS: 1.71% (74.5th percentile)
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in the enigma plugin that can result in exfiltration of the user's GPG private key. This attack appears to be exploitable over the network.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | roundcube | < 1.3.10+dfsg.1-1 (bookworm) | 1.3.10+dfsg.1-1 (bookworm) |
| roundcube | roundcube_webmail | >= 0 < 1.2~beta+dfsg.1-0ubuntu1+esm7 (Ubuntu ESM package version) | 1.2~beta+dfsg.1-0ubuntu1+esm7 |
| roundcube | roundcube_webmail | >= 0 < 1.3.6+dfsg.1-1ubuntu0.1~esm7 (Ubuntu ESM package version) | 1.3.6+dfsg.1-1ubuntu0.1~esm7 |
| roundcube | webmail | <= 1.3.4 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | LOW | — |
| vendor_ubuntu | — | 6.1 | MEDIUM | — |
Ubuntu
Roundcube Webmail vulnerabilities (Ubuntu notice indexed under CVE-2018-19205)
vendor_ubuntu · 2026-03-30 · CVSS 6.1 [MEDIUM]
Summary: Several security issues were fixed in Roundcube Webmail.
It was discovered that Roundcube Webmail did not properly sanitize
certain HTML elements within the e-mail body. An attacker could possibly
use this issue to cause a cross-site scripting attack. This issue was only
addressed in Ubuntu 16.04 LTS. (CVE-2016-4068, CVE-2016-4069)
It was discovered that Roundcube Webmail did not properly handle certain
configuration parameters. An attacker could possibly use this issue to
execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS.
(CVE-2016-9920)
It was discovered that Roundcube Webmail did not properly sanitize CSS styles
within SVG documents. An attacker could possibly use this issue to cause
a cross-site scripting att
Debian
CVE-2018-1000071 [HIGH] roundcube
vendor_debian · 2018 · CVSS 7.5
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in the enigma plugin that can result in exfiltration of the user's GPG private key. This attack appears to be exploitable over the network.
Scope: local
bookworm: resolved (fixed in 1.3.10+dfsg.1-1)
bullseye: resolved (fixed in 1.3.10+dfsg.1-1)
forky: resolved (fixed in 1.3.10+dfsg.1-1)
sid: resolved (fixed in 1.3.10+dfsg.1-1)
trixie: resolved (fixed in 1.3.10+dfsg.1-1)
OSV
roundcube vulnerabilities
osv · 2026-03-30 · CVSS 6.1
CVE-2016-4068 [MEDIUM]
It was discovered that Roundcube Webmail did not properly sanitize
certain HTML elements within the e-mail body. An attacker could possibly
use this issue to cause a cross-site scripting attack. This issue was only
addressed in Ubuntu 16.04 LTS. (CVE-2016-4068, CVE-2016-4069)
It was discovered that Roundcube Webmail did not properly handle certain
configuration parameters. An attacker could possibly use this issue to
execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS.
(CVE-2016-9920)
It was discovered that Roundcube Webmail did not properly sanitize CSS styles
within SVG documents. An attacker could possibly use this issue to cause
a cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS.
(CVE-2017-6820)
It was di
GHSA
GHSA-5jgp-7xfp-x54p
ghsa_unreviewed · 2022-05-13
CVE-2018-1000071 [HIGH] · CWE-732 (Incorrect Permission Assignment for Critical Resource)
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in the enigma plugin that can result in exfiltration of the user's GPG private key. This attack appears to be exploitable over the network.
OSV
CVE-2018-1000071
osv · 2018-03-13 · CVSS 7.5 [HIGH]
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in the enigma plugin that can result in exfiltration of the user's GPG private key. This attack appears to be exploitable over the network.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-1000071 roundcubemail: Permissions issue in enigma plugin allows exfiltration of secret GPG key file [epel-all]
bugzilla · 2018-02-26 · CVSS 7.5 [HIGH]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this iss
Bugzilla
CVE-2018-1000071 roundcubemail: Permissions issue in enigma plugin allows exfiltration of secret GPG key file [fedora-all]
bugzilla · 2018-02-26 · CVSS 7.5 [HIGH]
Bugzilla
CVE-2018-1000071 roundcubemail: Permissions issue in enigma plugin allows exfiltration of secret GPG key file
bugzilla · 2018-02-26 · CVSS 7.5 [HIGH]
The Enigma plugin in a Roundcube installation running on the nginx web server is vulnerable to insecure permissions, due to which a remote attacker can exfiltrate a user's password-protected secret GPG key file using a specially crafted URL.
Affected versions: before 1.3.4
References:
https://github.com/roundcube/roundcubemail/issues/6173
https://www.legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt
Discussion:
Created roundcubemail tracking bugs for this issue:
Affects: epel-all [bug 1549056]
Affects: fedora-all [bug 1549055]
---
1/ The Fedora package doesn't use .htaccess, but protects the directory for both httpd and nginx
2/ The enigma plugin use /var/lib/roundcubem
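The condition the bug report and the packaging discussion above describe is a keyring directory that lives under the web root and is guarded only by an `.htaccess` file, which Apache enforces and nginx never reads. The following POSIX shell audit helper is an added example, not Roundcube's own code and not from the bug report; it checks a Roundcube tree for exactly that state. It assumes (from the enigma plugin's shipped configuration, not stated on this page) that the keyring location is the `$config['enigma_pgp_homedir']` option in `config/config.inc.php`, that an unset or `null` value means the default `plugins/enigma/home` inside the install, and that a relative value is resolved against the install directory.

```shell
#!/bin/sh
# Added audit helper for CVE-2018-1000071-style keyring exposure; not Roundcube code.
# Assumptions (taken from the enigma plugin's shipped config, not from the page):
#   - keyrings live under the directory named by $config['enigma_pgp_homedir'];
#   - unset/null means plugins/enigma/home inside the Roundcube install, and a
#     relative value is resolved against that install directory (the web root);
#   - Apache honours the .htaccess shipped there, nginx never reads .htaccess,
#     which is the failure mode the bug report describes.

# read_enigma_homedir CONFIG_FILE
# Prints the single-quoted value of $config['enigma_pgp_homedir'] (last
# assignment wins), or nothing when the option is absent or set to null.
read_enigma_homedir() {
    grep 'enigma_pgp_homedir' "$1" | grep -v '^[[:space:]]*//' |
        awk -F"'" 'NF >= 4 { v = $4 } END { if (v != "") print v }'
}

# enigma_homedir_status DOCROOT HOMEDIR
# Prints one of:
#   outside-docroot  the keyring directory is not reachable by URL path at all
#   htaccess-only    it is under the web root and only a .htaccess guards it
#   exposed          it is under the web root with no access control at all
# Returns 2 if either directory does not exist.
enigma_homedir_status() {
    root=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    case $2 in
        /*) dir=$(cd "$2" 2>/dev/null && pwd -P) || return 2 ;;
        *)  dir=$(cd "$1/$2" 2>/dev/null && pwd -P) || return 2 ;;
    esac
    case "$dir/" in
        "$root"/*) ;;                          # inside the web root: keep checking
        *) echo outside-docroot; return 0 ;;
    esac
    if [ -f "$dir/.htaccess" ]; then
        echo htaccess-only
    else
        echo exposed
    fi
}

# audit_enigma DOCROOT CONFIG_FILE SERVER    (SERVER is apache or nginx)
# Prints a one-line verdict; returns 0 when safe, 1 when keys are fetchable.
audit_enigma() {
    homedir=$(read_enigma_homedir "$2")
    [ -n "$homedir" ] || homedir=plugins/enigma/home   # plugin default (assumed)
    status=$(enigma_homedir_status "$1" "$homedir") || {
        echo "error: keyring directory '$homedir' not found under $1"
        return 2
    }
    case "$status:$3" in
        outside-docroot:*)
            echo "ok: keyring directory '$homedir' is outside the web root"; return 0 ;;
        htaccess-only:apache)
            echo "ok: '$homedir' relies on .htaccess (confirm AllowOverride permits it)"; return 0 ;;
        htaccess-only:nginx)
            echo "vulnerable: nginx ignores '$homedir/.htaccess'; keyrings are fetchable by URL"; return 1 ;;
        exposed:*)
            echo "vulnerable: '$homedir' is under the web root with no access control"; return 1 ;;
        *)
            echo "error: unknown server type '$3'"; return 2 ;;
    esac
}

# Stand-alone demo on a constructed throwaway tree (not a real install).
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    mkdir -p "$tmp/www/plugins/enigma/home" "$tmp/keys"
    printf 'Deny from all\n' > "$tmp/www/plugins/enigma/home/.htaccess"
    printf "<?php\n\$config['enigma_pgp_homedir'] = null;\n" > "$tmp/default.php"
    printf "<?php\n\$config['enigma_pgp_homedir'] = '%s';\n" "$tmp/keys" > "$tmp/moved.php"
    audit_enigma "$tmp/www" "$tmp/default.php" apache   # ok (Apache reads .htaccess)
    audit_enigma "$tmp/www" "$tmp/default.php" nginx    # vulnerable
    audit_enigma "$tmp/www" "$tmp/moved.php" nginx      # ok (outside the web root)
    rm -rf "$tmp"
fi
```

Run it with `--demo` to see the three verdicts on a throwaway tree; against a real install, pass the Roundcube directory, its `config/config.inc.php` and the server type. The durable fix is the `outside-docroot` state, i.e. pointing the keyring directory somewhere the web server cannot serve at all (the Fedora packaging comment above takes that route); an nginx `location` block with `deny all;` covering the keyring path is the server-side stopgap when the directory has to stay where it is.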