Release | Version |
---|---|
jessie | 1.1.0~rc1+git20111210-7.4+deb8u1 |
stretch | 1.1.1-1+deb9u2 |
stretch (lts) | 1.1.1-1+deb9u1 |
buster | 1.1.3-1+deb10u1 |
bullseye | 1.1.3-4.1 |
bookworm | 1.1.3-4.1 |
trixie | 1.2.1-2 |
sid | 1.2.1-2 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2022-4055 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | When xdg-mail is configured to use thunderbird for mailto URLs, improp ... |
CVE-2020-27748 | vulnerable (no DSA, ignored) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and ... |
Bug | Description |
---|---|
CVE-2017-18266 | The open_envvar function in xdg-open in xdg-utils before 1.1.3 does no ... |
CVE-2015-1877 | The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 ... |
CVE-2014-9622 | Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported ... |
CVE-2009-0068 | Interaction error in xdg-open allows remote attackers to execute arbit ... |
CVE-2008-0386 | Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to e ... |
DSA / DLA | Description |
---|---|
DSA-4211-1 | xdg-utils - security update |
DLA-1384-1 | xdg-utils - security update |
DLA-217-1 | xdg-utils - security update |
DSA-3165-1 | xdg-utils - security update |
DSA-3131-1 | xdg-utils - security update |