← Back to CVE List

CVE-2023-46116

Published: 2023-12-15T14:15Z
Last Modified: 2024-11-21T08:27Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Tutanota (Tuta Mail) is an encrypted email provider. Tutanota allows users to open links in emails in external applications. Prior to version 3.118.12, it correctly blocks the `file:` URL scheme, which can be used by malicious actors to gain code execution on a victims computer, however fails to check other harmful schemes such as `ftp:`, `smb:`, etc. which can also be used. Successful exploitation of this vulnerability will enable an attacker to gain code execution on a victim's computer. Version 3.118.2 contains a patch for this issue. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt