Description
Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php.
Remediation
References
Related Vulnerabilities
phpMyAdmin Improper Authentication Vulnerability (CVE-2018-12613)
Apache HTTP Server Other Vulnerability (CVE-2006-5752)
Drupal Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-11941)
Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-7465)