Sylpheed Project

sylpheed_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Sylpheed

sylpheed

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-37746 3Claws Mail FedoraprojectSylpheed Project 3Claws Mail FedoraSylpheed Nov 21, 2024 Jul 30, 2021 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.
CVE-2017-17517 1Sylpheed Project 1Sylpheed May 13, 2026 Dec 14, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via...Show more libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-37746

3Claws Mail

FedoraprojectSylpheed Project

3Claws Mail

FedoraSylpheed

Nov 21, 2024

Jul 30, 2021

N/A· v4

6.1 MEDIUM· v3

5.8 MEDIUM· v2

textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.

CVE-2017-17517

1Sylpheed Project

1Sylpheed

May 13, 2026

Dec 14, 2017

N/A· v4

8.8 HIGH· v3

6.8 MEDIUM· v2

libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via...Show more