CVE-2025-53603 Information

Jul 06, 2025 cve

Description

In Alinto SOPE SOGo 2.0.2 through 5.12.2 sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body.

Reference

https://github.com/Alinto/sope/blob/3146fbdb6ff3314e37e5c3682deeeef7d0f32064/sope-core/NGExtensions/NGHashMap.m#L790 https://github.com/Alinto/sope/compare/SOGo-2.0.1…SOGo-2.0.2 https://github.com/Alinto/sope/pull/69 https://www.openwall.com/lists/oss-security/2025/07/02/3

CNNVD-202507-515 (Published: 2025-07-04)

Share on:

CVE-2025-53603 Information

Description

Reference

Related CNNVD