Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-4055HistoryNov 19, 2022 - 12:15 a.m.
CVE-2022-4055
2022-11-1900:15:00
Alpine Linux Development Team
security.alpinelinux.org
9
xdg-mail
thunderbird
mailto urls
file attachment
rfc 2368
0.001 Low
EPSS
Percentile
32.1%
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.17-community | noarch | xdg-utils | = 1.1.3-r4 | UNKNOWN |
| Alpine | 3.18-community | noarch | xdg-utils | = 1.1.3-r4 | UNKNOWN |
| Alpine | 3.19-community | noarch | xdg-utils | = 1.1.3-r4 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2022-11-19 00:15:00
debiancve
debiancve
CVE-2022-4055
2022-11-19 00:15:31
nvd
nvd
CVE-2022-4055
2022-11-19 00:15:31
osv
osv
CVE-2022-4055
2022-11-19 00:15:31
cvelist
cvelist
CVE-2022-4055
2022-11-18 00:00:00
cve
cve
CVE-2022-4055
2022-11-19 00:15:31
cbl_mariner
cbl_mariner
CVE-2022-4055 affecting package xdg-utils 1.1.3-7
2024-07-05 17:10:16
redhatcve
redhatcve
CVE-2022-4055
2022-11-17 21:25:57
nessus
nessus
RHEL 9 : xdg-utils (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 6 : xdg-utils (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : xdg-utils (Unpatched Vulnerability)
2024-06-03 00:00:00
ubuntucve
ubuntucve
CVE-2022-4055
2022-11-19 00:00:00
amazon
amazon
Medium: xdg-utils
2023-03-17 16:35:00