Information on source package sogo

Available versions

Bug	stretch	buster	bullseye	bookworm	trixie	sid	Description
TEMP-0000000-BD3902	vulnerable	vulnerable	fixed	fixed	fixed	fixed	sogo SOGoForbidUnknownDomainsAuth issue
CVE-2024-34462	vulnerable	vulnerable (no DSA, postponed)	vulnerable (no DSA, postponed)	vulnerable (no DSA)	fixed	fixed	Alinto SOGo through 5.10.0 allows XSS during attachment preview.
CVE-2024-24510	vulnerable	vulnerable	vulnerable	vulnerable	fixed	fixed	Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows ...
CVE-2023-48104	vulnerable	vulnerable (no DSA, ignored)	vulnerable (no DSA, postponed)	vulnerable (no DSA)	fixed	fixed	Alinto SOGo before 5.9.1 is vulnerable to HTML Injection.
CVE-2022-4558	vulnerable	vulnerable (no DSA)	vulnerable (no DSA)	fixed	fixed	fixed	A vulnerability was found in Alinto SOGo up to 5.7.1. It has been clas ...
CVE-2022-4556	vulnerable	vulnerable (no DSA)	vulnerable (no DSA)	fixed	fixed	fixed	A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as ...
CVE-2020-22402	vulnerable	fixed	fixed	fixed	fixed	fixed	Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 ...

Bug	Description
CVE-2021-33054	SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not valida ...
CVE-2016-6191	Multiple cross-site scripting (XSS) vulnerabilities in the View Raw So ...
CVE-2016-6190	SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to th ...
CVE-2016-6189	Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows ...
CVE-2016-6188	Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of ...
CVE-2015-5395	Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.
CVE-2014-9905	Multiple cross-site scripting (XSS) vulnerabilities in the Web Calenda ...

DSA / DLA	Description
DSA-5029-1	sogo - security update
DLA-2707-1	sogo - security update