Vulnerabilities > Zarafa > Zarafa > 7.1.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-31 | CVE-2021-28994 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers. | 5.0 |
| 2014-10-20 | CVE-2014-5447 | Information Exposure vulnerability in Zarafa Webapp and Zarafa Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. | 2.1 |