CVE-2018-1000071 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-1000071 Interim 1 5 2025-02-17T02:27:59Z current 2021-05-30T14:20:19Z 2025-02-17T02:27:59Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-1000071 roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity. CVE-2018-1000071 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N