Skip to main content

Xdg Utils

2 CVEs product

Monthly

CVE-2022-4055 HIGH POC This Week

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mozilla Xdg Utils
NVD
CVSS 3.1
7.4
EPSS
0.7%
CVE-2014-9622 MEDIUM POC This Month

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Command Injection RCE Xdg Utils
NVD
CVSS 2.0
6.8
EPSS
1.7%
EPSS 1% CVSS 7.4
HIGH POC This Week

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mozilla Xdg Utils
NVD
EPSS 2% CVSS 6.8
MEDIUM POC This Month

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Command Injection RCE Xdg Utils
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy