279 matches found
CVE-2021-37746
textviewurisecuritycheck in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click...
Code injection
textviewurisecuritycheck in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click...
CVE-2021-37746
textviewurisecuritycheck in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click...
UBUNTU-CVE-2021-37746
textviewurisecuritycheck in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click...
CVE-2021-37746
textviewurisecuritycheck in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click...
CVE-2021-37746
textviewurisecuritycheck in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click...
CVE-2021-37746
CVE-2021-37746 affects Claws Mail and Sylpheed: the function textview_uri_security_check in textview.c does not perform sufficient link checks before accepting a click. Affected versions are Claws Mail before 3.18.0 and Sylpheed through 3.7.0. The vulnerability stems from inadequate link validati...
Claws Mail 输入验证错误漏洞
Claws Mail is an open source email client and news aggregator written in the GTK language. claws mail suffers from an injection vulnerability that stems from the textviewurisecuritycheck function in textview.c in Claws Mail prior to version 3.18.0, and from the 3.7.0 Sylpheed before version 3.7.0...
openSUSE 15 Security Update : claws-mail (openSUSE-SU-2021:1045-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1045-1 advisory. - common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled. CVE-2020-15917 Note that...
openSUSE: Security Advisory for claws-mail (openSUSE-SU-2021:1045-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for claws-mail (moderate)
openSUSE Security Update: Security update for claws-mail Announcement ID: openSUSE-SU-2021:1045-1 Rating: moderate References: 1174457 Cross-References: CVE-2020-15917 CVSS scores: CVE-2020-15917 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 openSUSE...
OPENSUSE-SU-2021:1045-1 Security update for claws-mail
This update for claws-mail fixes the following issues: Update to 3.18.0 Support for the OAuth2 authorisation protocol has been added for IMAP, POP and SMTP using custom, user-generated client IDs. OAuth2 preferences are found in the Account Preferences on the Receive page for POP: Authenticate...
PT-2021-21858 · Sylpheed +3 · Sylpheed +3
Name of the Vulnerable Software and Affected Versions: Claws Mail versions prior to 3.18.0 Sylpheed versions prior to 3.7.1 Description: The issue is related to insufficient link checks in the textview uri security check function in textview.c before accepting a click. This could potentially lead...
openSUSE Security Update : claws-mail (openSUSE-2020-1822)
This update for claws-mail fixes the following issues : - Additional cleanup of the template handling claws-mail was updated to 3.17.8 boo1177967 - Shielded template's |program and |attachprogram so that the command-line that is executed does not allow sequencing such as with && || ;, preventing...
openSUSE: Security Advisory for claws-mail (openSUSE-SU-2020:1822-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for claws-mail (moderate)
openSUSE Security Update: Security update for claws-mail Announcement ID: openSUSE-SU-2020:1822-1 Rating: moderate References: 1157594 1177967 Cross-References: CVE-2020-15917 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 An...
OPENSUSE-SU-2020:1822-1 Security update for claws-mail
This update for claws-mail fixes the following issues: - Additional cleanup of the template handling claws-mail was updated to 3.17.8 boo1177967 Shielded template's |program and |attachprogram so that the command-line that is executed does not allow sequencing such as with && || ;, preventing...
Fedora 33 : claws-mail (2020-1f60842034)
Update to 3.17.7 -- https://www.claws-mail.org/news.php Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
MGASA-2020-0394 Updated claws-mail packages fix a security vulnerability
Shielded template's |program and |attachprogram so that the command-line that is executed does not allow sequencing such as with && || ;, preventing possible execution of nasty, or at least unexpected, commands. No CVE...
Updated claws-mail packages fix a security vulnerability
Shielded template's |program and |attachprogram so that the command-line that is executed does not allow sequencing such as with && || ;, preventing possible execution of nasty, or at least unexpected, commands. No CVE...