RockyLinux 9 : xdg-utils (RLSA-2025:7672)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2025:7672 advisory. xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments CVE-2022-4055 Tenable has extracted the preceding...

AlmaLinux 9 : xdg-utils (ALSA-2025:7672)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:7672 advisory. xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments CVE-2022-4055 Tenable has extracted the preceding...

xdg-utils security update

1.1.3-13 - Update documentation for CVE-2022-4055 RHEL-87487 1.1.3-12 - Fix CVE-2022-4055 RHEL-87487...

Oracle Linux 9 : xdg-utils (ELSA-2025-7672)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-7672 advisory. - Update documentation for CVE-2022-4055 RHEL-87487 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Moderate: Red Hat Security Advisory: xdg-utils security update

An update for xdg-utils is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2025:7672 Moderate: xdg-utils security update

The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop. Security Fixes: xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments CVE-2022-4055 For more details about the security issues...

Moderate: xdg-utils security update

The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop. Security Fixes: xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments CVE-2022-4055 For more details about the security issues...

Linux Distros Unpatched Vulnerability : CVE-2022-4055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that shou...

CVE-2022-4055 affecting package xdg-utils for versions less than 1.2.1-3

CVE-2022-4055 affecting package xdg-utils for versions less than 1.2.1-3. An upgraded version of the package is available that resolves this issue...

CVE-2022-4055 affecting package xdg-utils 1.1.3-7

CVE-2022-4055 affecting package xdg-utils 1.1.3-7. No patch is available currently...

RHEL 9 : xdg-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments...

RHEL 7 : xdg-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xdg-utils: local file inclusion vulnerability CVE-2020-27748 - xdg-utils: improper parse of mailto URIs...

Amazon Linux 2023 : xdg-utils (ALAS2023-2023-007)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-007 advisory. A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to...

AZL-37063 CVE-2022-4055 affecting package xdg-utils for versions less than 1.2.1-3

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...

CVE-2022-4055

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...

CVE-2022-4055

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...

CVE-2022-4055

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...