Proxmox Proxmox Mail Gateway — known CVE vulnerabilities
Every CVE whose affected-product data names Proxmox Proxmox Mail Gateway, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-35508 — CVSS 9.8 (critical): Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy…
CVE-2023-43320 — CVSS 8.8 (high): An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway…
CVE-2022-35507 — CVSS 7.1 (high): A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows…
CVE-2015-9057 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject…
CVE-2015-9058 — CVSS 6.1 (medium): Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary…