Security Advisory

CVE-2024-37385

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-07 03:24:23

Last updated 2025-02-13 15:59:49

Assigner mitre

State PUBLISHED

Description

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via im_convert_path and im_identify_path. NOTE: this issue exists because of an incomplete fix for CVE-2020-12641.

← Browse all CVEs View on cve.org ↗