CNNVD-202507-515 Information

CNNVD ID

CNNVD-202507-515

Related CVE

CVE-2025-53603

• CNNVD Published: 2025-07-04

Description (Chinese)

SOGo是Alinto开源的一个非常快速且可扩展的现代协作套件。它提供日历、地址簿管理和功能齐全的 Webmail 客户端以及资源共享和权限处理。 SOGo 2.0.2至5.12.2版本存在代码问题漏洞，该漏洞源于查询字符串和POST主体中重复参数可能导致空指针取消引用和SOGo崩溃。

Description (English)

SOGO is a very fast and scalable modern collaboration package for Alinto. It provides a calendar, address book management and a fully functional Webmail client, as well as resource sharing and rights processing. There is a code problem loophole in SOGO versions 2.0.2 to 5.12.2, which stems from the search string and the repetition of parameters in the POST body that could lead to the cancellation of the empty pointer and the collapse of SOGO.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Alinto

Published

2025-07-04

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-53603 https://access.redhat.com/security/cve/cve-2025-53603