usn-8132-1
Vulnerability from osv_ubuntu
Published
2026-03-30 21:08
Modified
2026-06-25 10:47
Summary
roundcube vulnerabilities
Details

It was discovered that Roundcube Webmail did not properly sanitize certain HTML elements within the e-mail body. An attacker could possibly use this issue to cause a cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-4068, CVE-2016-4069)

It was discovered that Roundcube Webmail did not properly handle certain configuration parameters. An attacker could possibly use this issue to execute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-9920)

It was discovered that Roundcube Webmail did not properly sanitize CSS styles within SVG documents. An attacker could possibly use this issue to cause a cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2017-6820)

It was discovered that Roundcube Webmail did not properly restrict exec call in certain drivers of the password plugin. An authenticated user could possibly use this issue to perform arbitrary password resets. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2017-8114)

It was discovered that Roundcube Webmail did not properly set file permissions within the Enigma plugin. An attacker could possibly use this issue to exfiltrate GPG private keys via network connectivity. (CVE-2018-1000071)

It was discovered that Roundcube Webmail did not properly handle GnuPG MDC integrity-protection warnings. An attacker could possibly use this issue to obtain sensitive information from encrypted communications. (CVE-2018-19205)

It was discovered that Roundcube Webmail did not properly sanitize and tags within HTML attachments. An attacker could possibly use this issue to cause a cross-site scripting attack. (CVE-2018-19206)

It was discovered that Roundcube Webmail did not properly handle partially encrypted multipart messages. An attacker could possibly use this issue to cause leaking of the plaintext of encrypted messages via an email reply. (CVE-2019-10740)

It was discovered that Roundcube Webmail did not properly sanitize a certain parameter within the archive plugin. An attacker could possibly use this issue to perform an IMAP injection attack. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2018-9846)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2016-4068",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4069",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-9920",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-6820",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-8114",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-9846",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-19205",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-19206",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-1000071",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-10740",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "roundcube",
            "binary_version": "1.2~beta+dfsg.1-0ubuntu1+esm7"
          },
          {
            "binary_name": "roundcube-core",
            "binary_version": "1.2~beta+dfsg.1-0ubuntu1+esm7"
          },
          {
            "binary_name": "roundcube-mysql",
            "binary_version": "1.2~beta+dfsg.1-0ubuntu1+esm7"
          },
          {
            "binary_name": "roundcube-pgsql",
            "binary_version": "1.2~beta+dfsg.1-0ubuntu1+esm7"
          },
          {
            "binary_name": "roundcube-plugins",
            "binary_version": "1.2~beta+dfsg.1-0ubuntu1+esm7"
          },
          {
            "binary_name": "roundcube-sqlite3",
            "binary_version": "1.2~beta+dfsg.1-0ubuntu1+esm7"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "roundcube",
        "purl": "pkg:deb/ubuntu/roundcube@1.2~beta+dfsg.1-0ubuntu1+esm7?arch=source\u0026distro=esm-apps/xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2~beta+dfsg.1-0ubuntu1+esm7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.1.1+dfsg.1-2",
        "1.1.2+dfsg.1-5",
        "1.1.3+dfsg.1-1",
        "1.1.4+dfsg.1-1",
        "1.2~beta+dfsg.1-0ubuntu1",
        "1.2~beta+dfsg.1-0ubuntu1+esm1",
        "1.2~beta+dfsg.1-0ubuntu1+esm2",
        "1.2~beta+dfsg.1-0ubuntu1+esm3",
        "1.2~beta+dfsg.1-0ubuntu1+esm4",
        "1.2~beta+dfsg.1-0ubuntu1+esm5",
        "1.2~beta+dfsg.1-0ubuntu1+esm6"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-19205",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-19206",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-1000071",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-10740",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "roundcube",
            "binary_version": "1.3.6+dfsg.1-1ubuntu0.1~esm7"
          },
          {
            "binary_name": "roundcube-core",
            "binary_version": "1.3.6+dfsg.1-1ubuntu0.1~esm7"
          },
          {
            "binary_name": "roundcube-mysql",
            "binary_version": "1.3.6+dfsg.1-1ubuntu0.1~esm7"
          },
          {
            "binary_name": "roundcube-pgsql",
            "binary_version": "1.3.6+dfsg.1-1ubuntu0.1~esm7"
          },
          {
            "binary_name": "roundcube-plugins",
            "binary_version": "1.3.6+dfsg.1-1ubuntu0.1~esm7"
          },
          {
            "binary_name": "roundcube-sqlite3",
            "binary_version": "1.3.6+dfsg.1-1ubuntu0.1~esm7"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "roundcube",
        "purl": "pkg:deb/ubuntu/roundcube@1.3.6+dfsg.1-1ubuntu0.1~esm7?arch=source\u0026distro=esm-apps/bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.6+dfsg.1-1ubuntu0.1~esm7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.3.0+dfsg.1-1",
        "1.3.1+dfsg.1-1",
        "1.3.3+dfsg.1-1",
        "1.3.3+dfsg.1-2",
        "1.3.6+dfsg.1-1",
        "1.3.6+dfsg.1-1ubuntu0.1~esm1",
        "1.3.6+dfsg.1-1ubuntu0.1~esm2",
        "1.3.6+dfsg.1-1ubuntu0.1~esm3",
        "1.3.6+dfsg.1-1ubuntu0.1~esm4",
        "1.3.6+dfsg.1-1ubuntu0.1~esm5",
        "1.3.6+dfsg.1-1ubuntu0.1~esm6"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that Roundcube Webmail did not properly sanitize \ncertain HTML elements within the e-mail body. An attacker could possibly \nuse this issue to cause a cross-site scripting attack. This issue was only \naddressed in Ubuntu 16.04 LTS. (CVE-2016-4068, CVE-2016-4069)\n\nIt was discovered that Roundcube Webmail did not properly handle certain \nconfiguration parameters. An attacker could possibly use this issue to \nexecute arbitrary code. This issue was only addressed in Ubuntu 16.04 LTS. \n(CVE-2016-9920)\n\nIt was discovered that Roundcube Webmail did not properly sanitize CSS styles \nwithin SVG documents. An attacker could possibly use this issue to cause \na cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS.\n(CVE-2017-6820)\n\nIt was discovered that Roundcube Webmail did not properly restrict exec call in \ncertain drivers of the password plugin. An authenticated user could possibly \nuse this issue to perform arbitrary password resets. This issue was only addressed in \nUbuntu 16.04 LTS. (CVE-2017-8114)\n\nIt was discovered that Roundcube Webmail did not properly set file permissions within \nthe Enigma plugin. An attacker could possibly use this issue to exfiltrate GPG private \nkeys via network connectivity. (CVE-2018-1000071)\n\nIt was discovered that Roundcube Webmail did not properly handle GnuPG MDC \nintegrity-protection warnings. An attacker could possibly use this issue to obtain \nsensitive information from encrypted communications. (CVE-2018-19205)\n\nIt was discovered that Roundcube Webmail did not properly sanitize \u003csvg\u003e and \u003cstyle\u003e\ntags within HTML attachments. An attacker could possibly use this issue to cause a \ncross-site scripting attack. (CVE-2018-19206)\n\nIt was discovered that Roundcube Webmail did not properly handle partially encrypted\nmultipart messages. An attacker could possibly use this issue to cause \nleaking of the plaintext of encrypted messages via an email reply. (CVE-2019-10740)\n\nIt was discovered that Roundcube Webmail did not properly sanitize a certain parameter \nwithin the archive plugin. An attacker could possibly use this issue to perform an \nIMAP injection attack. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2018-9846)",
  "id": "USN-8132-1",
  "modified": "2026-06-25T10:47:36Z",
  "published": "2026-03-30T21:08:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-8132-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-4068"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-4069"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-9920"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-6820"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-8114"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-9846"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-19205"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-19206"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-1000071"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2019-10740"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "roundcube vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2016-4068",
    "UBUNTU-CVE-2016-4069",
    "UBUNTU-CVE-2016-9920",
    "UBUNTU-CVE-2017-6820",
    "UBUNTU-CVE-2017-8114",
    "UBUNTU-CVE-2018-9846",
    "UBUNTU-CVE-2018-19205",
    "UBUNTU-CVE-2018-19206",
    "UBUNTU-CVE-2018-1000071",
    "UBUNTU-CVE-2019-10740"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…