Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/claws-mail@3.14.1-3
purl pkg:deb/debian/claws-mail@3.14.1-3
Next non-vulnerable version 4.1.1-2
Latest non-vulnerable version 4.1.1-2
Risk
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-6bx3-z5a9-vya5
Aliases:
CVE-2020-16094
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.
3.17.8-1
Affected by 1 other vulnerability.
VCID-eqpn-zwjp-rkdf
Aliases:
CVE-2020-15917
A vulnerability was discovered in Claws Mail's STARTTLS handling, possibly allowing an integrity/confidentiality compromise.
3.17.8-1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:05:02.657089+00:00 Debian Oval Importer Affected by VCID-6bx3-z5a9-vya5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:11:50.987576+00:00 Debian Oval Importer Affected by VCID-eqpn-zwjp-rkdf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T23:39:05.670133+00:00 Debian Oval Importer Affected by VCID-6bx3-z5a9-vya5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:59:17.039086+00:00 Debian Oval Importer Affected by VCID-eqpn-zwjp-rkdf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:11:37.035247+00:00 Debian Oval Importer Affected by VCID-6bx3-z5a9-vya5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:52:22.662217+00:00 Debian Oval Importer Affected by VCID-eqpn-zwjp-rkdf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0