CVE-2025-53603

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body.

Alinto/sope
Alinto/sope
SOPE is an extensive set of frameworks which form a complete Web application server environment. Besides the Apple WebObjects compatible appserver extended with Zope concepts, it contains a large set of reusable classes: XML processing (SAX, DOM, XML-RPC), MIME/IMAP4 processing, LDAP connectivity, RDBMS connectivity, and iCalendar parsing.
GitHubGitHub
72