GCVE - cpe:2.3:a:open-xchange:app_suite:7.4.2:rev8:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:open-xchange:app_suite:7.4.2:rev8:*:*:*:*:*:*

part: a version: 7.4.2 update: rev8

Vendor	Open Xchange (`85b486f1-55be-55d2-8b83-a25950d10c23`)
Product	App Suite (`24e3fa8d-feb9-5cdc-b8d8-349a5a45ed5e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/iovietnam/open-xchange-appsuite`	purl2cpe	2026-06-01 10:16:43.743204
`pkg:npm/open-xchange-appsuite`	purl2cpe	2026-06-01 10:16:43.743206
`pkg:rpm/opensuse/open-xchange-appsuite`	purl2cpe	2026-06-01 10:16:43.743207

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-5237`	vulnerable	2026-06-03 14:34:05.727495	Details available Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text document, which is not properly handled by the image preview. Published: 2014-12-01T15:00:00.000Z Updated: 2024-08-06T11:41:47.695Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/533443/100/0/threaded http://packetstormsecurity.com/files/128257/Open-Xchange-7.6.0-XSS-SSRF-Traversal.html http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_2112_7.6.0_2014-08-25.pdf	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.