roundcube

Direct Vulnerabilities

Known vulnerabilities in the roundcube package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M CVE-2024-42010	<1.4.3+dfsg.1-1ubuntu0.1~esm8
M Inclusion of Functionality from Untrusted Control Sphere	<1.4.3+dfsg.1-1ubuntu0.1~esm8
M Unprotected Alternate Channel	<1.4.3+dfsg.1-1ubuntu0.1~esm8
H Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm7
H Deserialization of Untrusted Data	<1.4.3+dfsg.1-1ubuntu0.1~esm5
M Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm4
H Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm4
H Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm4
M CVE-2024-37384	<1.4.3+dfsg.1-1ubuntu0.1~esm4
H Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm3
L CVE-2019-15237	<1.4.3+dfsg.1-1ubuntu0.1~esm8
M Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm2
H SQL Injection	<1.4.3+dfsg.1-1ubuntu0.1~esm2
M Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm2
H Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm2
H Arbitrary Argument Injection	<1.4.3+dfsg.1-1ubuntu0.1~esm1
M Cross-site Request Forgery (CSRF)	<1.4.3+dfsg.1-1ubuntu0.1~esm1
M Directory Traversal	<1.4.3+dfsg.1-1ubuntu0.1~esm1
M Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm1
M Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm2
M Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm2
M Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm1
H Cross-site Scripting (XSS)	<1.4.3+dfsg.1-1ubuntu0.1~esm1