Vulnerability-Lookup

alsa-2025:7672

Vulnerability from osv_almalinux

Published

2025-05-15 00:00

Modified

2025-07-02 12:08

Summary

Moderate: xdg-utils security update

Details

The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop.

Security Fix(es):

xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments (CVE-2022-4055)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:7672	ADVISORY
	https://access.redhat.com/security/cve/CVE-2022-4055	REPORT
	https://bugzilla.redhat.com/2143792	REPORT
	https://errata.almalinux.org/9/ALSA-2025-7672.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "xdg-utils"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.3-13.el9_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop.  \n\nSecurity Fix(es):  \n\n  * xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments (CVE-2022-4055)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:7672",
  "modified": "2025-07-02T12:08:32Z",
  "published": "2025-05-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:7672"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-4055"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2143792"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2025-7672.html"
    }
  ],
  "related": [
    "CVE-2022-4055"
  ],
  "summary": "Moderate: xdg-utils security update"
}

CVE-2022-4055 (GCVE-0-2022-4055)

Vulnerability from cvelistv5 – Published: 2022-11-18 00:00 – Updated: 2025-04-29 18:55

Summary

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.

Severity ?

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

CWE

CWE-146

Assigner

redhat

References

URL

Tags

https://gitlab.freedesktop.org/xdg/xdg-utils/-/is…

Impacted products

	Vendor	Product	Version
	n/a	xdg-utils	Affected: xdg-utils 1.1.0 to and including 1.1.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:27:54.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205#note_1494267"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-4055",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T18:55:33.721446Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T18:55:59.428Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "xdg-utils",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "xdg-utils 1.1.0 to and including 1.1.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-146",
              "description": "CWE-146",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-18T00:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205#note_1494267"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-4055",
    "datePublished": "2022-11-18T00:00:00.000Z",
    "dateReserved": "2022-11-17T00:00:00.000Z",
    "dateUpdated": "2025-04-29T18:55:59.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted