Liferea Project Liferea vulnerabilities
3 known vulnerabilities affecting liferea_project/liferea.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1LOW2
Vulnerabilities
Page 1 of 1
CVE-2023-1350P2CRITICALCVSS 9.8fixed in 1.14.1v1.12.0+23 more2023-03-11
CVE-2023-1350 [CRITICAL] CWE-78 CVE-2023-1350: A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the f
A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function update_job_run of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date >/tmp/bad-item-link.txt leads to os command injection. The attack may be launched remotely. The exploit has b
nvdosv
CVE-2005-4791P4LOWCVSS 2.1≥ 0, < 1.4.9-12005-12-31
CVE-2005-4791 [LOW] CVE-2005-4791: Multiple untrusted search path vulnerabilities in SUSE Linux 10
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
osv
CVE-2007-5751P4LOWCVSS 2.1≥ 0, < 1.4.6-12007-10-31
CVE-2007-5751 [LOW] CVE-2007-5751: Liferea before 1
Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows local users to obtain credentials.
osv