Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
516
VMScore

CVE-2021-37746

Published: 30/07/2021 Updated: 07/11/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Subscribe to Claws-mail

Vulnerability Summary

textview_uri_security_check in textview.c in Claws Mail prior to 3.18.0, and Sylpheed up to and including 3.7.0, does not have sufficient link checks before accepting a click.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

claws-mail claws-mail

sylpheed project sylpheed

fedoraproject fedora 33

fedoraproject fedora 34

Vendor Advisories

Debian CVElist Bug Report Logs: claws-mail: CVE-2021-37746
Debian Bug report logs - #991722 claws-mail: CVE-2021-37746 Package: src:claws-mail; Maintainer for src:claws-mail is Ricardo Mones <mones@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 30 Jul 2021 20:33:01 UTC Severity: important Tags: security, upstream Found in versions claws-mail/3 ...
Arch Linux Issues:
textview_uri_security_check in textviewc in Claws Mail before 3180, and Sylpheed through 370, does not have sufficient link checks before accepting a click ...

References

CWE-601https://sylpheed.sraoss.jp/sylpheed/v3.7/sylpheed-3.7.0.tar.xzhttps://claws-mail.org/download.php?file=releases/claws-mail-3.18.0.tar.xzhttps://git.claws-mail.org/?p=claws.git%3Ba=commit%3Bh=ac286a71ed78429e16c612161251b9ea90ccd431https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L2QNUIWASJLPUZZKWICGCEGYJZCQE7NH/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCJXHUSYHGVBSH2ULD7HNXLM7QNRECZ6/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991722https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook