Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2018-19205

Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php.

  • Published: Nov 12, 2018
  • Updated: Nov 9, 2025
  • CVE: CVE-2018-19205
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
roundcube / webmail - 1.3.7