{"id":"USN-6876-1","summary":"kopanocore vulnerabilities","details":"It was discovered that Kopano Core allowed out-of-bounds access. An\nattacker could use this issue to expose private information. This issue\nonly affected Ubuntu 18.04 LTS. (CVE-2019-19907)\n\nIt was discovered that Kopano Core allowed possible authentication\nwith expired passwords. An attacker could use this issue to bypass\nauthentication. (CVE-2022-26562)\n","modified":"2026-04-22T10:50:15.581630Z","published":"2024-07-04T16:25:18Z","related":["UBUNTU-CVE-2019-19907","UBUNTU-CVE-2022-26562"],"upstream":["CVE-2019-19907","CVE-2022-26562","UBUNTU-CVE-2019-19907","UBUNTU-CVE-2022-26562"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6876-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-19907"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-26562"}],"affected":[{"package":{"name":"kopanocore","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/kopanocore@8.5.5-0ubuntu1+esm1?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.5.5-0ubuntu1+esm1"}]}],"versions":["8.1.0-3ubuntu5","8.1.0-3ubuntu6","8.3.4-4ubuntu4","8.5.2-1ubuntu1","8.5.5-0ubuntu1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-archiver"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-backup"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-common"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-contacts"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-core"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-dagent"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-gateway"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-ical"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-l10n"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-libs"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-monitor"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-presence"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-search"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-server"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-spooler"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"kopano-utils"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"php-mapi"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"php7.1-mapi"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"python-kopano"},{"binary_version":"8.5.5-0ubuntu1+esm1","binary_name":"python-mapi"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6876-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-19907"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-26562"}],"ecosystem":"Ubuntu:Pro:18.04:LTS"}}},{"package":{"name":"kopanocore","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/kopanocore@8.7.0-7ubuntu1.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.7.0-7ubuntu1.1"}]}],"versions":["8.7.0-3build2","8.7.0-5ubuntu5","8.7.0-5ubuntu6","8.7.0-6ubuntu1","8.7.0-6ubuntu2","8.7.0-6ubuntu3","8.7.0-7ubuntu1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-archiver"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-backup"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-common"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-contacts"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-core"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-dagent"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-gateway"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-ical"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-l10n"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-libs"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-monitor"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-presence"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-search"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-server"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-spamd"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-spooler"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"kopano-utils"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"php-mapi"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"python3-kopano"},{"binary_version":"8.7.0-7ubuntu1.1","binary_name":"python3-mapi"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6876-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-26562"}],"ecosystem":"Ubuntu:20.04:LTS"}}},{"package":{"name":"kopanocore","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/kopanocore@8.7.0-7.1ubuntu10.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.7.0-7.1ubuntu10.1"}]}],"versions":["8.7.0-7.1ubuntu4","8.7.0-7.1ubuntu6","8.7.0-7.1ubuntu7","8.7.0-7.1ubuntu8","8.7.0-7.1ubuntu10"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-archiver"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-backup"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-common"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-contacts"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-core"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-dagent"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-gateway"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-ical"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-l10n"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-libs"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-monitor"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-presence"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-search"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-server"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-spamd"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-spooler"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"kopano-utils"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"php-mapi"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"python3-kopano"},{"binary_version":"8.7.0-7.1ubuntu10.1","binary_name":"python3-mapi"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6876-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-26562"}],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.5"}