CVE-2025-53603

In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body.
Configurations

No configuration.

History

08 Jul 2025, 15:15

Type Values Removed Values Added
References () https://www.openwall.com/lists/oss-security/2025/07/02/3 - () https://www.openwall.com/lists/oss-security/2025/07/02/3 -
Summary
  • (es) En Alinto SOPE SOGo 2.0.2 a 5.12.2, sope-core/NGExtensions/NGHashMap.m permite una desreferencia de puntero NULL y un bloqueo de SOGo a través de una solicitud en la que un parámetro en la cadena de consulta es un duplicado de un parámetro en el cuerpo POST.

05 Jul 2025, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-07-05 01:15

Updated : 2025-07-08 16:18


NVD link : CVE-2025-53603

Mitre link : CVE-2025-53603

CVE.ORG link : CVE-2025-53603


JSON object : View

Products Affected

No product.

CWE
CWE-476

NULL Pointer Dereference