Vulnerabilities > Mailcow > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-05 | CVE-2024-41958 | Unspecified vulnerability in Mailcow Mailcow: Dockerized mailcow: dockerized is an open source groupware/email suite based on docker. | 7.2 |
2024-02-02 | CVE-2024-24760 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mailcow Mailcow: Dockerized mailcow is a dockerized email package, with multiple containers linked in one bridged network. | 7.3 |
2023-06-07 | CVE-2023-34108 | Unspecified vulnerability in Mailcow Mailcow: Dockerized mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. | 8.8 |
2023-03-04 | CVE-2023-26490 | OS Command Injection vulnerability in Mailcow Mailcow: Dockerized mailcow is a dockerized email package, with multiple containers linked in one bridged network. | 8.8 |
2022-09-27 | CVE-2022-39258 | Open Redirect vulnerability in Mailcow Mailcow: Dockerized mailcow is a mailserver suite. | 8.2 |
2022-07-11 | CVE-2022-31138 | OS Command Injection vulnerability in Mailcow Mailcow: Dockerized mailcow is a mailserver suite. | 8.8 |
2022-05-20 | CVE-2022-31245 | OS Command Injection vulnerability in Mailcow Mailcow: Dockerized mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. | 8.8 |
2017-05-14 | CVE-2017-8928 | Cross-Site Request Forgery (CSRF) vulnerability in Mailcow Mailcow: Dockerized 0.14 mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF. | 8.8 |