| Summary: | [CVE 21] xdg-utils CVE-2 | ||
|---|---|---|---|
| Product: | [ROSA-based products] ROSA Fresh | Reporter: | Vladimir Potapov <v.potapov> |
| Component: | Preinstalled software in the ISO | Assignee: | ROSA Linux Bugs <bugs> |
| Status: | RESOLVED WONTFIX | QA Contact: | ROSA Linux Bugs <bugs> |
| Severity: | blocker | ||
| Priority: | Highest | CC: | i.gaptrakhmanov |
| Version: | All | Flags: | v.potapov:
secteam_verified?
|
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | CVE-2022-4055 | ||
| Whiteboard: | |||
| Platform: | --- | ROSA Vulnerability identifier: | |
| RPM Package: | ISO-related: | ||
| Bad POT generating: | Upstream: | ||
|
Description
Vladimir Potapov
2024-01-12 17:13:06 MSK
There is no upstream fix for this issue. To mitigate this flaw, either: 1. Do not use mailto links at all 2. Always double-check in the user interface that there are no unwanted attachments before sending emails; especially when the email originates from clicking a mailto link. https://ubuntu.com/security/CVE-2022-4055 https://access.redhat.com/security/cve/cve-2022-4055 CVE затрагивает только Thunderbird |