Debian Php-Horde-Turba vulnerabilities
2 known vulnerabilities affecting debian/php-horde-turba.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1LOW1
Vulnerabilities
Page 1 of 1
CVE-2022-30287HIGHCVSS 8.0fixed in php-horde-turba 4.2.25-6 (bookworm)2022
CVE-2022-30287 [HIGH] CVE-2022-30287: php-horde-turba - Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection att...
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.
Scope: local
bookworm: resolved (fixed in 4.2.25-6)
bullseye: resolved (fixed in 4.2.25-5+deb11u2)
sid: resolved (fixed in 4.2.25-6)
debian
CVE-2013-6364LOWCVSS 8.8PoCfixed in php-horde-turba 4.1.3-1 (bookworm)2013
CVE-2013-6364 [HIGH] CVE-2013-6364: php-horde - Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual...
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book
Scope: local
bookworm: resolved
bullseye: resolved
sid: resolved
debian