Unrated severityNVD Advisory· Published Jun 7, 2024· Updated Feb 13, 2025
CVE-2024-37385
CVE-2024-37385
Description
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via im_convert_path and im_identify_path. NOTE: this issue exists because of an incomplete fix for CVE-2020-12641.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <1.5.7 || >=1.6.0 <1.6.7
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.