5 matches found
Azure Linux 3.0 Security Update: xdg-utils (CVE-2022-4055)
The version of xdg-utils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4055 advisory. - When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to...
RLSA-2025:7672 Moderate: xdg-utils security update
The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop. Security Fixes: xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments CVE-2022-4055 For more details about the security issues...
RockyLinux 9 : xdg-utils (RLSA-2025:7672)
The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2025:7672 advisory. xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments CVE-2022-4055 Tenable has extracted the preceding...
AZL-37063 CVE-2022-4055 affecting package xdg-utils for versions less than 1.2.1-3
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
AZL-11465 CVE-2022-4055 affecting package xdg-utils 1.1.3-7
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...