Skip to main content

Sylpheed

2 CVEs product

Monthly

CVE-2021-37746 MEDIUM PATCH This Month

textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Claws Mail Sylpheed Fedora
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2017-17517 HIGH This Week

libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Sylpheed
NVD
CVSS 3.0
8.8
EPSS
0.5%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Claws Mail Sylpheed +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Sylpheed
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy