Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
neomutt neomutt vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-1328
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 prior to 2.2.3 allows read past end of input line
Mutt Mutt
Debian Debian Linux 9.0
Fedoraproject Fedora 36
9.1
CVSSv3
CVE-2021-32055
Mutt 1.11.0 up to and including 2.0.x prior to 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imap_qresync setting for QRESYNC is not...
Mutt Mutt
Neomutt Neomutt
6.5
CVSSv3
CVE-2021-3181
rfc822.c in Mutt up to and including 2.0.4 allows remote malicious users to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from t...
Mutt Mutt
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5.3
CVSSv3
CVE-2020-28896
Mutt prior to 2.0.2 and NeoMutt prior to 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in ...
Mutt Mutt
Neomutt Neomutt
Debian Debian Linux 9.0
5.9
CVSSv3
CVE-2020-14954
Mutt prior to 1.14.4 and NeoMutt prior to 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS conte...
Mutt Mutt
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Neomutt Neomutt
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
Opensuse Leap 15.2
4.8
CVSSv3
CVE-2020-14154
Mutt prior to 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
Mutt Mutt
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
5.9
CVSSv3
CVE-2020-14093
Mutt prior to 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
Mutt Mutt
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
9.8
CVSSv3
CVE-2018-14360
An issue exists in NeoMutt prior to 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Neomutt Neomutt
9.8
CVSSv3
CVE-2018-14361
An issue exists in NeoMutt prior to 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Neomutt Neomutt
7.5
CVSSv3
CVE-2018-14363
An issue exists in NeoMutt prior to 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Neomutt Neomutt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »