GHSA-wvvp-c8qh-3cc5MediumCVSS 4.3

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the TNEF decoder was subject to denial...

Published
July 14, 2026
Last Modified
July 14, 2026

🔗 CVE IDs covered (1)

📋 Description

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the TNEF decoder was subject to denial of service via a crafted compressed-RTF size.

🔗 References (7)