Claws-Mail: >> Claws-Mail >> 3.13.2 Security Vulnerabilities
textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-07-30
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-07-28
common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.
CVSS Score
9.8
EPSS Score
0.022
Published
2020-07-23