Vulnerabilities > Sylpheed Project

DATE CVE VULNERABILITY TITLE RISK
2021-07-30 CVE-2021-37746 Open Redirect vulnerability in multiple products
textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.
6.1
2017-12-14 CVE-2017-17517 Injection vulnerability in Sylpheed Project Sylpheed
libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
network
low complexity
sylpheed-project CWE-74
8.8