Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/claws-mail@3.7.6-4%2Bsqueeze2
purl pkg:deb/debian/claws-mail@3.7.6-4%2Bsqueeze2
Next non-vulnerable version 4.1.1-2
Latest non-vulnerable version 4.1.1-2
Risk 3.4
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-6bx3-z5a9-vya5
Aliases:
CVE-2020-16094
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.
3.17.8-1
Affected by 1 other vulnerability.
VCID-921b-k4tj-k7gk
Aliases:
CVE-2015-8708
Multiple vulnerabilities have been found in claws-mail, particularly in the default SSL implementation.
3.14.1-1~bpo8+1
Affected by 2 other vulnerabilities.
VCID-eqpn-zwjp-rkdf
Aliases:
CVE-2020-15917
A vulnerability was discovered in Claws Mail's STARTTLS handling, possibly allowing an integrity/confidentiality compromise.
3.17.8-1
Affected by 1 other vulnerability.
VCID-p34h-zc38-63f1
Aliases:
CVE-2014-2576
plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.
3.10.1-2~bpo70+1
Affected by 5 other vulnerabilities.
VCID-vec3-q1tz-sqfr
Aliases:
CVE-2012-4507
The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.
3.8.1-2+deb7u1
Affected by 6 other vulnerabilities.
VCID-vpby-tpg2-wygr
Aliases:
CVE-2015-8614
Multiple vulnerabilities have been found in claws-mail, particularly in the default SSL implementation.
3.8.1-2+deb7u1
Affected by 6 other vulnerabilities.
3.11.1-3+deb8u1
Affected by 4 other vulnerabilities.
3.14.1-1~bpo8+1
Affected by 2 other vulnerabilities.
VCID-zaqk-yw24-t7h1
Aliases:
CVE-2010-5109
Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.
3.11.1-3
Affected by 4 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:05:02.635548+00:00 Debian Oval Importer Affected by VCID-6bx3-z5a9-vya5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:44:48.650848+00:00 Debian Oval Importer Affected by VCID-vec3-q1tz-sqfr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:14:44.061056+00:00 Debian Oval Importer Affected by VCID-921b-k4tj-k7gk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:42:01.232060+00:00 Debian Oval Importer Affected by VCID-zaqk-yw24-t7h1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:46:36.070973+00:00 Debian Oval Importer Affected by VCID-p34h-zc38-63f1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:30:46.178301+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:11:50.966156+00:00 Debian Oval Importer Affected by VCID-eqpn-zwjp-rkdf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T13:25:20.514898+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.4.0
2026-04-15T13:15:09.842700+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.4.0
2026-04-11T23:39:05.645925+00:00 Debian Oval Importer Affected by VCID-6bx3-z5a9-vya5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:19:29.173005+00:00 Debian Oval Importer Affected by VCID-vec3-q1tz-sqfr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:50:28.849433+00:00 Debian Oval Importer Affected by VCID-921b-k4tj-k7gk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:18:38.763848+00:00 Debian Oval Importer Affected by VCID-zaqk-yw24-t7h1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:25:14.466655+00:00 Debian Oval Importer Affected by VCID-p34h-zc38-63f1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:15:38.078691+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:59:17.014623+00:00 Debian Oval Importer Affected by VCID-eqpn-zwjp-rkdf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T13:14:04.073116+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.3.0
2026-04-11T13:03:54.937595+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.3.0
2026-04-08T23:11:37.007071+00:00 Debian Oval Importer Affected by VCID-6bx3-z5a9-vya5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:52:51.193016+00:00 Debian Oval Importer Affected by VCID-vec3-q1tz-sqfr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:25:03.072713+00:00 Debian Oval Importer Affected by VCID-921b-k4tj-k7gk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:54:47.625979+00:00 Debian Oval Importer Affected by VCID-zaqk-yw24-t7h1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:03:46.682049+00:00 Debian Oval Importer Affected by VCID-p34h-zc38-63f1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:01:51.461117+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:52:22.632335+00:00 Debian Oval Importer Affected by VCID-eqpn-zwjp-rkdf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T13:13:19.663383+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.1.0
2026-04-07T21:38:57.373233+00:00 Debian Oval Importer Affected by VCID-vpby-tpg2-wygr https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 38.1.0