Lucene search
+L

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2020-27748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added vi...

6.5CVSS6.5AI score0.01443EPSS
Exploits1References4
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.56 views

CVE-2020-27748 affecting package xdg-utils 1.1.3-7

CVE-2020-27748 affecting package xdg-utils 1.1.3-7. No patch is available currently...

6.5CVSS6.7AI score0.01443EPSS
Exploits1
Rosalinux
Rosalinux
added 2024/07/01 2:15 p.m.31 views

Advisory ROSA-SA-2024-2444

Software: xdg-utils 1.1.3 OS: ROSA-CHROME packageevrstring: xdg-utils-1.1.3-5 CVE-ID: CVE-2020-27748 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: When processing URI mailto: xdg-email allows attachments to be discreetly added via URI when transmitted to Thunderbird. An attacker could potentially send...

6.5CVSS6.7AI score0.01443EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.17 views

RHEL 7 : xdg-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xdg-utils: local file inclusion vulnerability CVE-2020-27748 - xdg-utils: improper parse of mailto URIs...

7.2AI score0.01443EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.32 views

Amazon Linux 2023 : xdg-utils (ALAS2023-2023-007)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-007 advisory. A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to...

7.4CVSS6.7AI score0.01443EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2020-0446)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01443EPSS
Exploits1References4
OSV
OSV
added 2021/06/01 2:15 p.m.2 views

DEBIAN-CVE-2020-27748

A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches a sensitive fil...

6.5CVSS6.5AI score0.01443EPSS
Exploits1References1
CVE
CVE
added 2021/06/01 1:15 p.m.265 views

CVE-2020-27748

CVE-2020-27748 affects xdg-utils’ xdg-email in 1.1.0-rc1 and newer. Handling mailto: URIs, xdg-email can discreetly attach a file to an email sent to Thunderbird, via code in xdg-email (not Thunderbird). This can lead to exposure of sensitive data if a user unknowingly sends the email with the at...

6.5CVSS6.1AI score0.01443EPSS
Exploits1References2Affected Software1
Mageia
Mageia
added 2020/12/03 9:54 a.m.27 views

Updated xdg-utils package fixes a security vulnerability

Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information CVE-2020-27748...

6.5CVSS1.9AI score0.01443EPSS
Exploits1References2
OSV
OSV
added 2020/12/03 9:54 a.m.5 views

MGASA-2020-0446 Updated xdg-utils package fixes a security vulnerability

Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information CVE-2020-27748...

6.5CVSS6.5AI score0.01443EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/11/27 12:0 a.m.10 views

Ubuntu: Security Advisory (USN-4649-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.01443EPSS
Exploits1References2
Rows per page
Query Builder