VYPR

Liferea

by Liferea

CVEs (2)

  • CVE-2023-1350MedMar 11, 2023
    risk 0.00cvss 6.3epss 0.02

    A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function update_job_run of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date >/tmp/bad-item-link.txt leads to…

  • CVE-2007-5751Oct 31, 2007
    risk 0.00cvss epss 0.00

    Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows local users to obtain credentials.