{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","type":"deb","namespace":"debian","name":"claws-mail","version":"4.3.1-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.4.0-1","latest_non_vulnerable_version":"4.4.0-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94840?format=json","vulnerability_id":"VCID-185b-3s2q-1ffu","summary":"textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37746","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65318","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65157","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65207","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65261","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65279","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65266","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65239","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65274","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65283","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65293","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.6529","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65271","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37746"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991722","reference_id":"991722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991722"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991723","reference_id":"991723","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991723"},{"reference_url":"https://security.archlinux.org/AVG-2243","reference_id":"AVG-2243","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2243"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/921891?format=json","purl":"pkg:deb/debian/claws-mail@3.18.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.18.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2021-37746"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-185b-3s2q-1ffu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94394?format=json","vulnerability_id":"VCID-6bx3-z5a9-vya5","summary":"In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16094","reference_id":"","reference_type":"","scores":[{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65251","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65301","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65326","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65291","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65343","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65355","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65373","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65333","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65369","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.6538","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65365","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65382","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65394","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.6539","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65416","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16094"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966630","reference_id":"966630","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966630"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586724?format=json","purl":"pkg:deb/debian/claws-mail@3.17.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2020-16094"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bx3-z5a9-vya5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48131?format=json","vulnerability_id":"VCID-921b-k4tj-k7gk","summary":"Multiple vulnerabilities have been found in claws-mail,\n    particularly in the default SSL implementation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8708","reference_id":"","reference_type":"","scores":[{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79794","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.7977","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79623","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79629","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79651","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79637","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79666","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79673","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79694","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79678","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.797","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79703","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79733","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.7974","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01292","scoring_system":"epss","scoring_elements":"0.79754","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8708"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/31/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/31/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811048","reference_id":"811048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811048"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:3.13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:claws-mail:claws-mail:3.13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:3.13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8708","reference_id":"CVE-2015-8708","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8708"},{"reference_url":"https://security.gentoo.org/glsa/201606-11","reference_id":"GLSA-201606-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586856?format=json","purl":"pkg:deb/debian/claws-mail@3.13.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.13.1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8708"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-921b-k4tj-k7gk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62057?format=json","vulnerability_id":"VCID-eqpn-zwjp-rkdf","summary":"A vulnerability was discovered in Claws Mail's STARTTLS handling,\n    possibly allowing an integrity/confidentiality compromise.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15917","reference_id":"","reference_type":"","scores":[{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84469","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84506","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84508","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84529","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84535","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84554","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84549","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84545","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84565","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84566","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84592","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84601","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84603","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84618","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02235","scoring_system":"epss","scoring_elements":"0.84645","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15917"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15917"},{"reference_url":"https://security.gentoo.org/glsa/202007-56","reference_id":"GLSA-202007-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-56"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585097?format=json","purl":"pkg:deb/debian/claws-mail@3.17.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2020-15917"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eqpn-zwjp-rkdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92591?format=json","vulnerability_id":"VCID-p34h-zc38-63f1","summary":"plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00015.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2576","reference_id":"","reference_type":"","scores":[{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71424","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7126","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71267","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71301","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71315","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71337","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71322","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71305","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71351","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71357","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71336","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7139","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71398","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71401","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71387","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2576"},{"reference_url":"http://seclists.org/oss-sec/2014/q1/636","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2014/q1/636"},{"reference_url":"http://secunia.com/advisories/60422","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60422"},{"reference_url":"http://sourceforge.net/p/claws-mail/news/2014/05/claws-mail-3100-unleashed/","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/p/claws-mail/news/2014/05/claws-mail-3100-unleashed/"},{"reference_url":"http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3106","reference_id":"","reference_type":"","scores":[],"url":"http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3106"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742695","reference_id":"742695","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742695"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:claws-mail:claws-mail:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2576","reference_id":"CVE-2014-2576","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586578?format=json","purl":"pkg:deb/debian/claws-mail@3.10.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.10.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2014-2576"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p34h-zc38-63f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60755?format=json","vulnerability_id":"VCID-ukjn-pbdj-u3e3","summary":"Multiple vulnerabilities have been reported in Mozilla Firefox,\n    Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted\n    arbitrary remote code execution.","references":[{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"},{"reference_url":"http://balsa.gnome.org/download.html","reference_id":"","reference_type":"","scores":[],"url":"http://balsa.gnome.org/download.html"},{"reference_url":"http://docs.info.apple.com/article.html?artnum=305530","reference_id":"","reference_type":"","scores":[],"url":"http://docs.info.apple.com/article.html?artnum=305530"},{"reference_url":"http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt","reference_id":"","reference_type":"","scores":[],"url":"http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"},{"reference_url":"http://lists.apple.com/archives/security-announce/2007/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"},{"reference_url":"http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1558","reference_id":"","reference_type":"","scores":[{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94234","published_at":"2026-05-07T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94154","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94219","published_at":"2026-04-29T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94223","published_at":"2026-05-05T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94163","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94175","published_at":"2026-04-04T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94177","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94187","published_at":"2026-04-08T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94191","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94195","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94211","published_at":"2026-04-16T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94216","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1558"},{"reference_url":"http://secunia.com/advisories/25353","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25353"},{"reference_url":"http://secunia.com/advisories/25402","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25402"},{"reference_url":"http://secunia.com/advisories/25476","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25476"},{"reference_url":"http://secunia.com/advisories/25496","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25496"},{"reference_url":"http://secunia.com/advisories/25529","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25529"},{"reference_url":"http://secunia.com/advisories/25534","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25534"},{"reference_url":"http://secunia.com/advisories/25546","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25546"},{"reference_url":"http://secunia.com/advisories/25559","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25559"},{"reference_url":"http://secunia.com/advisories/25664","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25664"},{"reference_url":"http://secunia.com/advisories/25750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25750"},{"reference_url":"http://secunia.com/advisories/25798","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25798"},{"reference_url":"http://secunia.com/advisories/25858","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25858"},{"reference_url":"http://secunia.com/advisories/25894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25894"},{"reference_url":"http://secunia.com/advisories/26083","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26083"},{"reference_url":"http://secunia.com/advisories/26415","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26415"},{"reference_url":"http://secunia.com/advisories/35699","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35699"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200706-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200706-06.xml"},{"reference_url":"https://issues.rpath.com/browse/RPL-1231","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1231"},{"reference_url":"https://issues.rpath.com/browse/RPL-1232","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1232"},{"reference_url":"https://issues.rpath.com/browse/RPL-1424","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1424"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857"},{"reference_url":"http://sourceforge.net/forum/forum.php?forum_id=683706","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/forum/forum.php?forum_id=683706"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782"},{"reference_url":"http://sylpheed.sraoss.jp/en/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://sylpheed.sraoss.jp/en/news.html"},{"reference_url":"http://www.claws-mail.org/news.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.claws-mail.org/news.php"},{"reference_url":"http://www.debian.org/security/2007/dsa-1300","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1300"},{"reference_url":"http://www.debian.org/security/2007/dsa-1305","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1305"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:105","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:105"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:107","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:107"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:113","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:113"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:119","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:119"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:131","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:131"},{"reference_url":"http://www.mozilla.org/security/announce/2007/mfsa2007-15.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2007/mfsa2007-15.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_14_sr.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_14_sr.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_36_mozilla.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/08/15/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2009/08/15/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/08/18/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2009/08/18/1"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0344.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0344.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0353.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0353.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0385.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0385.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0386.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0386.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0401.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0401.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0402.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0402.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html"},{"reference_url":"http://www.securityfocus.com/archive/1/464477/30/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464477/30/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/464569/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464569/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/470172/100/200/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/470172/100/200/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/471455/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/471455/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/471720/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/471720/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/471842/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/471842/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/23257","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/23257"},{"reference_url":"http://www.securitytracker.com/id?1018008","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018008"},{"reference_url":"http://www.trustix.org/errata/2007/0019/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0019/"},{"reference_url":"http://www.trustix.org/errata/2007/0024/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0024/"},{"reference_url":"http://www.ubuntu.com/usn/usn-469-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-469-1"},{"reference_url":"http://www.ubuntu.com/usn/usn-520-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-520-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA07-151A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA07-151A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1466","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1466"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1467","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1467"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1468","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1468"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1480","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1480"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1939","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1939"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1994","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1994"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2788","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2788"},{"reference_url":"http://www.vupen.com/english/advisories/2008/0082","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/0082"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=241191","reference_id":"241191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=241191"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558","reference_id":"CVE-2007-1558","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1558","reference_id":"CVE-2007-1558","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1558"},{"reference_url":"https://security.gentoo.org/glsa/200706-06","reference_id":"GLSA-200706-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200706-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-15","reference_id":"mfsa2007-15","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0344","reference_id":"RHSA-2007:0344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0353","reference_id":"RHSA-2007:0353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0385","reference_id":"RHSA-2007:0385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0386","reference_id":"RHSA-2007:0386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0401","reference_id":"RHSA-2007:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0402","reference_id":"RHSA-2007:0402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1140","reference_id":"RHSA-2009:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1140"},{"reference_url":"https://usn.ubuntu.com/469-1/","reference_id":"USN-469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/469-1/"},{"reference_url":"https://usn.ubuntu.com/520-1/","reference_id":"USN-520-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/520-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584280?format=json","purl":"pkg:deb/debian/claws-mail@2.9.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@2.9.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2007-1558"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ukjn-pbdj-u3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92393?format=json","vulnerability_id":"VCID-vec3-q1tz-sqfr","summary":"The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-10/msg00064.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2012-10/msg00064.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4507","reference_id":"","reference_type":"","scores":[{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79338","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79176","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79182","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79206","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79191","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79216","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79224","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79248","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79232","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79223","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79249","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79246","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79247","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79281","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79287","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79305","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01238","scoring_system":"epss","scoring_elements":"0.79318","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4507"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=862578","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=862578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4507"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/10/09/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/10/09/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/10/09/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/10/09/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/10/10/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/10/10/3"},{"reference_url":"http://www.securityfocus.com/bid/55837","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55837"},{"reference_url":"http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743","reference_id":"","reference_type":"","scores":[],"url":"http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690151","reference_id":"690151","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690151"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:3.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:claws-mail:claws-mail:3.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:3.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4507","reference_id":"CVE-2012-4507","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4507"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586451?format=json","purl":"pkg:deb/debian/claws-mail@3.8.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.8.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2012-4507"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vec3-q1tz-sqfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48130?format=json","vulnerability_id":"VCID-vpby-tpg2-wygr","summary":"Multiple vulnerabilities have been found in claws-mail,\n    particularly in the default SSL implementation.","references":[{"reference_url":"http://git.claws-mail.org/?p=claws.git%3Ba=commit%3Bh=d390fa07f5548f3173dd9cc13b233db5ce934c82","reference_id":"","reference_type":"","scores":[],"url":"http://git.claws-mail.org/?p=claws.git%3Ba=commit%3Bh=d390fa07f5548f3173dd9cc13b233db5ce934c82"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00000.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8614","reference_id":"","reference_type":"","scores":[{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83232","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83211","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83042","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83059","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83072","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.8307","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83095","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83102","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83119","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83112","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83108","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83146","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83149","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83172","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83179","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83187","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8614"},{"reference_url":"http://www.claws-mail.org/news.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.claws-mail.org/news.php"},{"reference_url":"http://www.debian.org/security/2016/dsa-3452","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3452"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/21/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/21/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/22/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/22/2"},{"reference_url":"http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557","reference_id":"","reference_type":"","scores":[],"url":"http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:claws-mail:claws-mail:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:claws-mail:claws-mail:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8614","reference_id":"CVE-2015-8614","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8614"},{"reference_url":"https://security.gentoo.org/glsa/201606-11","reference_id":"GLSA-201606-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584985?format=json","purl":"pkg:deb/debian/claws-mail@3.13.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.13.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8614"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpby-tpg2-wygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51252?format=json","vulnerability_id":"VCID-wcjp-avbb-uyga","summary":"Claws Mail uses temporary files in an insecure manner, allowing for a\n    symlink attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6208","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22427","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22595","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22637","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22507","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22561","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2258","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2254","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22486","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22501","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22497","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22447","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22294","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2228","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22273","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2217","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22254","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089","reference_id":"454089","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089"},{"reference_url":"https://security.gentoo.org/glsa/200801-03","reference_id":"GLSA-200801-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200801-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585287?format=json","purl":"pkg:deb/debian/claws-mail@3.1.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.1.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2007-6208"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcjp-avbb-uyga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92115?format=json","vulnerability_id":"VCID-zaqk-yw24-t7h1","summary":"Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5109","reference_id":"","reference_type":"","scores":[{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79193","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.792","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79223","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79209","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79234","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79242","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79266","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79239","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79262","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79263","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79298","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79322","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79335","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0124","scoring_system":"epss","scoring_elements":"0.79355","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5109"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705468","reference_id":"705468","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705468"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771360","reference_id":"771360","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771360"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586675?format=json","purl":"pkg:deb/debian/claws-mail@3.11.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.11.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584281?format=json","purl":"pkg:deb/debian/claws-mail@3.17.8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-185b-3s2q-1ffu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@3.17.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584282?format=json","purl":"pkg:deb/debian/claws-mail@4.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.1.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584283?format=json","purl":"pkg:deb/debian/claws-mail@4.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584284?format=json","purl":"pkg:deb/debian/claws-mail@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2010-5109"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zaqk-yw24-t7h1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/claws-mail@4.3.1-1%3Fdistro=trixie"}