cpe:/a:horde:horde_image_api:2.0.0 cpe:/a:horde:horde_image_api:2.0.0:alpha1 cpe:/a:horde:horde_image_api:2.0.0:beta1 cpe:/a:horde:horde_image_api:2.0.0:beta2 cpe:/a:horde:horde_image_api:2.0.1 cpe:/a:horde:horde_image_api:2.0.2 cpe:/a:horde:horde_image_api:2.0.3 cpe:/a:horde:horde_image_api:2.0.4 cpe:/a:horde:horde_image_api:2.0.5 cpe:/a:horde:horde_image_api:2.0.6 cpe:/a:horde:horde_image_api:2.0.7 cpe:/a:horde:horde_image_api:2.0.8 cpe:/a:horde:horde_image_api:2.0.9 cpe:/a:horde:horde_image_api:2.1.0 cpe:/a:horde:horde_image_api:2.2.0 cpe:/a:horde:horde_image_api:2.3.0 cpe:/a:horde:horde_image_api:2.3.1 cpe:/a:horde:horde_image_api:2.3.2 cpe:/a:horde:horde_image_api:2.3.3 cpe:/a:horde:horde_image_api:2.3.4 cpe:/a:horde:horde_image_api:2.3.5 cpe:/a:horde:horde_image_api:2.3.6 cpe:/a:horde:horde_image_api:2.4.0 cpe:/a:horde:horde_image_api:2.4.1 CVE-2017-9774 2017-06-21T14:29:00.357-04:00 2018-08-18T06:29:00.847-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov DEBIAN DSA-4276 CONFIRM https://lists.horde.org/archives/announce/2017/001234.html Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.