Количество 8
Количество 8
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.
CVE-2022-4055
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improp ...
GHSA-p4jr-wm76-h2v3
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.
ELSA-2025-7672
ELSA-2025-7672: xdg-utils security update (MODERATE)
BDU:2025-04910
Уязвимость утилиты для открытия почтового клиента из набора xdg-utils xdg-mail, связанная с недостаточной проверкой введенных пользователем данных, позволяющая нарушителю оказать влияние на целостность защищаемой информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-4055 When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked. | CVSS3: 7.4 | 0% Низкий | больше 2 лет назад |
 | CVE-2022-4055 When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked. | CVSS3: 7.4 | 0% Низкий | почти 3 года назад |
 | CVE-2022-4055 When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked. | CVSS3: 7.4 | 0% Низкий | больше 2 лет назад |
 | CVSS3: 7.4 | 0% Низкий | 4 месяца назад | |
| CVE-2022-4055 When xdg-mail is configured to use thunderbird for mailto URLs, improp ... | CVSS3: 7.4 | 0% Низкий | больше 2 лет назад |
| GHSA-p4jr-wm76-h2v3 When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked. | CVSS3: 7.4 | 0% Низкий | больше 2 лет назад |
| ELSA-2025-7672 ELSA-2025-7672: xdg-utils security update (MODERATE) | 30 дней назад | ||
 | BDU:2025-04910 Уязвимость утилиты для открытия почтового клиента из набора xdg-utils xdg-mail, связанная с недостаточной проверкой введенных пользователем данных, позволяющая нарушителю оказать влияние на целостность защищаемой информации | CVSS3: 7.4 | 0% Низкий | почти 3 года назад |
Уязвимостей на страницу