CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31119 – Password disclosure in log file in Nextcloud Mail App
https://notcve.org/view.php?id=CVE-2022-31119
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user passwords to disk in the event of a misconfiguration. Should an attacker gain access to the logs complete access to affected accounts would be obtainable. It is recommended that the Nextcloud Mail is upgraded to 1.12.1. Operators should inspect their logs and remove passwords which have been logged. • https://github.com/nextcloud/mail/issues/823 https://github.com/nextcloud/mail/pull/6488/commits/ab9ade57fbc1f465ffe905248f93f328d638d7e5 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-63m3-w68h-3wjg • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31132 – Unauthenticated SSRF in 3rd party module "cerdic/csstidy"
https://notcve.org/view.php?id=CVE-2022-31132
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39220 – Bypass of image blocking in Nextcloud Mail
https://notcve.org/view.php?id=CVE-2021-39220
Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read state or user IP. The privacy filter failed to filter images with a relative protocol. It is recommended that the Nextcloud Mail application is upgraded to 1.10.4 or 1.11.0. There are no known workarounds aside from upgrading. Nextcloud es una plataforma de productividad de código abierto y auto-alojada La aplicación Nextcloud Mail versiones anteriores a 1.10.4 y 1.11.0, no renderiza por defecto las imágenes en los correos electrónicos para no filtrar el estado de lectura o la IP del usuario. • https://github.com/nextcloud/mail/pull/5470 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6q9v-wm8r-rcv5 https://hackerone.com/reports/1308147 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 14%CPEs: 1EXPL: 1CVE-2017-15806 – Zeta Components Mail 1.8.1 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-15806
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one containing "-X/path/to/wwwroot/file.php." La función send en la clase ezcMailMtaTransport en Zeta Components Mail en versiones anteriores a la 1.8.2 no restringe correctamente el conjunto de caracteres empleados en la propiedad de ezcMail returnPath, lo que podría permitir que atacantes remotos ejecuten código arbitrario mediante una dirección de correo electrónico manipulada, tal y como demuestra una que contenga "-X/path/to/wwwroot/file.php". • https://www.exploit-db.com/exploits/43155 http://www.securityfocus.com/bid/101866 https://github.com/zetacomponents/Mail/issues/58 https://github.com/zetacomponents/Mail/releases/tag/1.8.2 https://kay-malwarebenchmark.github.io/blog/cve-2017-15806-critical-rce-vulnerability https://kay-malwarebenchmark.github.io/blog/cve-2017-15806-yuan-cheng-dai-ma-zhi-xing-lou-dong • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9097
https://notcve.org/view.php?id=CVE-2015-9097
The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring. La mail gem versiones anteriores a 2.5.5 para Ruby (también conocida como A Really Ruby Mail Library) es vulnerable a inyección de comandos SMTP mediante secuencias CRLF con el comando RCPT TO o MAIL FROM, como lo demuestran las secuencias CRLF inmediatamente antes y después de una subcadena DATA. • http://openwall.com/lists/oss-security/2015/12/11/3 http://www.mbsd.jp/Whitepaper/smtpi.pdf https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83 https://github.com/mikel/mail/pull/1097 https://github.com/rubysec/ruby-advisory-db/issues/215 https://hackerone.com/reports/137631 https://rubysec.com/advisories/mail-OSVDB-131677 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •