CVE-2021-37746

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Claws Mail versions prior to 3.18.0 Sylpheed versions prior to 3.7.1

Description: The issue is related to insufficient link checks in the textview uri security check function in textview.c before accepting a click. This could potentially lead to security issues.

Recommendations: For Claws Mail versions prior to 3.18.0, update to version 3.18.0 or later. For Sylpheed versions prior to 3.7.1, update to version 3.7.1 or later.

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

ALT-PU-2021-2194

ALT-PU-2021-2495

ALT-PU-2021-3520

ALT-PU-2023-1122

CVE-2021-37746

MGASA-2021-0408

Affected Products

Alt Linux

Claws Mail

Debian

Sylpheed

CVE-2021-37746

Weakness Enumeration

Related Identifiers

Affected Products

References · 18