How severe is CVE-2022-4055?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2022-4055?

This is classified as CWE-146, which is a common weakness in software security.

CVE-2022-4055

HIGH Year: 2022

CVSS v3 Score

7.4

High

Weakness Type

CWE-146

View all →

Vulnerability Description

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.

CVE-2023-20117

HIGH

CVSS:7.2(High)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute ...

CWE-1462023

CVE-2023-20128

HIGH

CVSS:7.2(High)

CWE-1462023

CVE-2023-20035

HIGH

CVSS:7.8(High)

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficien...

CWE-1462023

CVE-2024-20470

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arb...

CWE-1462024

CVE-2024-20329

CRITICAL

CVSS:9.9(Critical)

A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability ...

CWE-1462024

CVE-2023-20035

HIGH

CVSS:7.8(High)

CWE-1462023

CVE-2022-4055

Vulnerability Description

Related Vulnerabilities

CVE-2023-20117

CVE-2023-20128

CVE-2023-20035

CVE-2024-20470

CVE-2024-20329

CVE-2023-20035