Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN321

_____________________________________________________________________

DATE                : 16/05/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Zimbra Collaboration versions
                      prior to 9.0.0 Patch 45, 10.0.14, 10.1.8,
                      ClamAV package versions prior to 10.1.8.

=====================================================================
https://wiki.zimbra.com/index.php?title=Zimbra_Security_Advisories&oldid=71064
_____________________________________________________________________

Zimbra Collaboration - Security Vulnerability Advisories

Note: only supported versions are referenced, however older
unsupported versions often have the same vulnerabilities and should
be upgraded to supported versions as soon as possible.
(going back to ZCS 7.1.3)


Bug# 	Summary     CVE-ID 	CVSS Score    Zimbra Rating 
Fix Release or Patch Version 	Reporter

  Addressed a denial of service (DoS) vulnerability that could 
lead to service disruptions. 	- - - 	9.0.0 Patch 45
10.0.14   10.1.8 	    OVH

  The ClamAV package has been upgraded to version 1.0.8 to fix
multiple vulnerabilities. 	CVE-2025-20128 CVE-2024-20505 
5.3   7.5 	- 	10.1.8


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================