Re: CVE request: code execution in Horde_Image 2.0.0 to 2.5.1

[Thomas Jarosch <thomas.jarosch () intra2net com>]

> This vulnerability affects all  
> versions of Horde_Image from 2.0.0 to 2.5.1.
>
> A fixed version of the Horde_Image (version 2.5.2) library has already  
> been released and everybody is advised to upgrade to Horde_Image 2.5.2  
> as soon as possible.

the issue has been assigned CVE-2017-14650.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14650

Best regards,
Thomas Jarosch / Intra2net AG