Browse all 4 CVE security advisories affecting linagora. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LINAGORA develops collaborative software solutions, including email and document management systems, primarily for enterprise and government sectors. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely reported, the four documented CVEs highlight recurring issues in web application components and authentication mechanisms. Their security posture reflects common challenges in enterprise collaboration platforms, with vulnerabilities typically requiring authenticated access but sometimes allowing for significant system compromise when exploited.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-2675 | Improper Restriction of Excessive Authentication Attempts in linagora/twake — linagora/twakeCWE-307 | 9.8 | - | 2023-05-12 |
| CVE-2023-1665 | Improper Restriction of Excessive Authentication Attempts in linagora/twake — linagora/twakeCWE-307 | 8.2 | - | 2023-03-27 |
| CVE-2023-0028 | Cross-site Scripting (XSS) - Stored in linagora/twake — linagora/twakeCWE-79 | 5.7 | Medium | 2023-01-01 |
| CVE-2019-1010205 | LINAGORA hublin web-view renderer 路径遍历漏洞 — hublin | 7.5 | - | 2019-07-23 |
This page lists every published CVE security advisory associated with linagora. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.