{"affected":[{"ecosystem_specific":{"binaries":[{"libebackend-1_2-10":"3.42.5-150400.3.10.1","libebook-1_2-20":"3.42.5-150400.3.10.1","libebook-contacts-1_2-3":"3.42.5-150400.3.10.1","libecal-2_0-1":"3.42.5-150400.3.10.1","libedata-book-1_2-26":"3.42.5-150400.3.10.1","libedata-cal-2_0-1":"3.42.5-150400.3.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP7","name":"evolution-data-server","purl":"pkg:rpm/suse/evolution-data-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.42.5-150400.3.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libcamel-1_2-63":"3.42.5-150400.3.10.1","libebackend-1_2-10":"3.42.5-150400.3.10.1","libebook-1_2-20":"3.42.5-150400.3.10.1","libebook-contacts-1_2-3":"3.42.5-150400.3.10.1","libedata-book-1_2-26":"3.42.5-150400.3.10.1","libedataserver-1_2-26":"3.42.5-150400.3.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 15 SP7","name":"evolution-data-server","purl":"pkg:rpm/suse/evolution-data-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.42.5-150400.3.10.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for evolution-data-server fixes the following issue:\n\n- CVE-2026-2604: arbitrary file deletion via inconsistent URI handling (bsc#1258307).\n","id":"SUSE-SU-2026:0776-1","modified":"2026-03-03T13:20:26Z","published":"2026-03-03T13:20:26Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20260776-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1258307"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-2604"}],"related":["CVE-2026-2604"],"summary":"Security update for evolution-data-server","upstream":["CVE-2026-2604"]}