Fluid Attacks Database

Description

An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	znuny	=6.3.2-3 \|\| =6.3.3-1 \|\| =6.3.3-1~bpo11+1 \|\| =6.3.4-1 \|\| =6.3.4-1~bpo11+1 \|\| =6.4.2-1 \|\| =6.4.2-1~bpo11+1 \|\| =6.4.2-2 \|\| =6.4.3-1 \|\| =6.4.3-1~bpo11+1 \|\| =6.4.4-1 \|\| =6.4.5-1 \|\| =6.4.5-1~bpo11+1 \|\| =6.4.5-2 \|\| =6.5.1-1 \|\| =6.5.10-1 \|\| =6.5.10-1~bpo12+1 \|\| =6.5.11-1 \|\| =6.5.11-1~bpo12+1 \|\| =6.5.13-1 \|\| =6.5.14-1 \|\| =6.5.14-1~bpo12+1 \|\| =6.5.15-1 \|\| =6.5.15-2 \|\| =6.5.15-2~bpo12+1 \|\| =6.5.16-1 \|\| =6.5.18-1 \|\| =6.5.18-1~bpo13+1 \|\| =6.5.19-1 \|\| =6.5.3-1 \|\| =6.5.3-1~bpo12+1 \|\| =6.5.4-1 \|\| =6.5.4-1~bpo12+1 \|\| =6.5.5-1 \|\| =6.5.5-1~bpo12+1 \|\| =6.5.6-1 \|\| =6.5.6-1~bpo12+1 \|\| =6.5.8-1 \|\| =6.5.8-1~bpo12+1 \|\| =6.5.9-1 \|\| =6.5.9-1~bpo12+1	-
debian 13	znuny	=6.3.2-3 \|\| =6.3.3-1 \|\| =6.3.3-1~bpo11+1 \|\| =6.3.4-1 \|\| =6.3.4-1~bpo11+1 \|\| =6.4.2-1 \|\| =6.4.2-1~bpo11+1 \|\| =6.4.2-2 \|\| =6.4.3-1 \|\| =6.4.3-1~bpo11+1 \|\| =6.4.4-1 \|\| =6.4.5-1 \|\| =6.4.5-1~bpo11+1 \|\| =6.4.5-2 \|\| =6.5.1-1 \|\| =6.5.10-1 \|\| =6.5.10-1~bpo12+1 \|\| =6.5.11-1 \|\| =6.5.11-1~bpo12+1 \|\| =6.5.3-1 \|\| =6.5.3-1~bpo12+1 \|\| =6.5.4-1 \|\| =6.5.4-1~bpo12+1 \|\| =6.5.5-1 \|\| =6.5.5-1~bpo12+1 \|\| =6.5.6-1 \|\| =6.5.6-1~bpo12+1 \|\| =6.5.8-1 \|\| =6.5.8-1~bpo12+1 \|\| =6.5.9-1 \|\| =6.5.9-1~bpo12+1 \|\| >=0 <6.5.13-1	6.5.13-1
debian 14	znuny	=6.3.2-3 \|\| =6.3.3-1 \|\| =6.3.3-1~bpo11+1 \|\| =6.3.4-1 \|\| =6.3.4-1~bpo11+1 \|\| =6.4.2-1 \|\| =6.4.2-1~bpo11+1 \|\| =6.4.2-2 \|\| =6.4.3-1 \|\| =6.4.3-1~bpo11+1 \|\| =6.4.4-1 \|\| =6.4.5-1 \|\| =6.4.5-1~bpo11+1 \|\| =6.4.5-2 \|\| =6.5.1-1 \|\| =6.5.10-1 \|\| =6.5.10-1~bpo12+1 \|\| =6.5.11-1 \|\| =6.5.11-1~bpo12+1 \|\| =6.5.3-1 \|\| =6.5.3-1~bpo12+1 \|\| =6.5.4-1 \|\| =6.5.4-1~bpo12+1 \|\| =6.5.5-1 \|\| =6.5.5-1~bpo12+1 \|\| =6.5.6-1 \|\| =6.5.6-1~bpo12+1 \|\| =6.5.8-1 \|\| =6.5.8-1~bpo12+1 \|\| =6.5.9-1 \|\| =6.5.9-1~bpo12+1 \|\| >=0 <6.5.13-1	6.5.13-1

Aliases

1. CVE-2025-268422. NVD-2025-268423. OSV-DEBIAN-2025-268424. OSV-2025-268425. SECURITY-TRACKER-CVE-2025-26842

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.