DEBIAN-CVE-2019-15237
- Source
- https://security-tracker.debian.org/tracker/CVE-2019-15237
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-15237.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2019-15237
- Upstream
- Published
- 2019-08-20T01:15:09.977Z
- Modified
- 2025-11-20T10:14:08.919815Z
- Severity
-
- 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.
- References
Affected packages
Debian:11 / roundcube
Package
- Name
- roundcube
- Purl
- pkg:deb/debian/roundcube?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.4.11+dfsg.1-4
1.4.12+dfsg.1-1~bpo10+1
1.4.12+dfsg.1-1~deb11u1
1.4.13+dfsg.1-1~deb11u1~bpo10+1
1.4.13+dfsg.1-1~deb11u1
1.4.14+dfsg.1-1~deb11u1~bpo10+1
1.4.14+dfsg.1-1~deb11u1
1.4.15+dfsg.1-1~deb11u1~bpo10+1
1.4.15+dfsg.1-1~deb11u1
1.4.15+dfsg.1-1~deb11u2~bpo10+1
1.4.15+dfsg.1-1~deb11u2
1.4.15+dfsg.1-1+deb11u3
1.4.15+dfsg.1-1+deb11u4
1.4.15+dfsg.1-1+deb11u5
1.5~beta+dfsg.1-1
1.5~beta+dfsg.1-2
1.5~beta+dfsg.1-3
1.5~beta+dfsg.1-4
1.5~rc+dfsg.1-1
1.5~rc+dfsg.1-2
1.5~rc+dfsg.1-3
1.5.0+dfsg.1-1
1.5.0+dfsg.1-2
1.5.1+dfsg-1
1.6~beta+dfsg-1
1.6~beta+dfsg-2
1.6~rc+dfsg-1
1.6~rc+dfsg-2
1.6.0+dfsg-1
1.6.0+dfsg-1.1
1.6.0+dfsg-2
1.6.1+dfsg-1
1.6.2+dfsg-1
1.6.3+dfsg-1~deb12u1
1.6.3+dfsg-1
1.6.3+dfsg-2
1.6.4+dfsg-1~deb12u1
1.6.4+dfsg-1
1.6.5+dfsg-1~deb12u1
1.6.5+dfsg-1
1.6.6+dfsg-1
1.6.6+dfsg-2
1.6.7+dfsg-1
1.6.8+dfsg-1
1.6.8+dfsg-2
1.6.9+dfsg-1
1.6.9+dfsg-2
1.6.10+dfsg-1
1.6.10+dfsg-2
1.6.11+dfsg-1
Debian:12 / roundcube
Package
- Name
- roundcube
- Purl
- pkg:deb/debian/roundcube?arch=source
Debian:13 / roundcube
Package
- Name
- roundcube
- Purl
- pkg:deb/debian/roundcube?arch=source
Debian:14 / roundcube
Package
- Name
- roundcube
- Purl
- pkg:deb/debian/roundcube?arch=source