Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mutt: CVE-2021-3181: mutt recipient parsing memory leak

Related Vulnerabilities: CVE-2021-3181  

Source

Debian Bug report logs - #980326
mutt: CVE-2021-3181: mutt recipient parsing memory leak

version graph

Package: src:mutt; Maintainer for src:mutt is Mutt maintainers <mutt@packages.debian.org>;

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sun, 17 Jan 2021 20:03:02 UTC

Severity: important

Tags: patch, security, upstream

Found in versions mutt/1.10.1-2.1+deb10u4, mutt/1.10.1-1, mutt/2.0.2-1

Fixed in version mutt/2.0.5-1

Done: Salvatore Bonaccorso <carnil@debian.org>

Forwarded to https://gitlab.com/muttmua/mutt/-/issues/323

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Sun, 17 Jan 2021 20:03:04 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Mutt maintainers <mutt@packages.debian.org>. (Sun, 17 Jan 2021 20:03:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: mutt: mutt recipient parsing memory leak
Date: Sun, 17 Jan 2021 21:01:22 +0100
Source: mutt
Version: 2.0.2-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>


Hi,

This was reported at
https://www.openwall.com/lists/oss-security/2021/01/17/2 and upstream
apparently at https://gitlab.com/muttmua/mutt/-/issues/323 (not
public).

Upstream fix: https://gitlab.com/muttmua/mutt/-/commit/c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545

Regards,
Salvatore

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Mon, 18 Jan 2021 07:48:02 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Mon, 18 Jan 2021 07:48:02 GMT) (full text, mbox, link).

Message #10 received at 980326@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: 980326@bugs.debian.org
Subject: Re: Bug#980326: mutt: mutt recipient parsing memory leak
Date: Mon, 18 Jan 2021 08:45:59 +0100
Hi,

On Sun, Jan 17, 2021 at 09:01:22PM +0100, Salvatore Bonaccorso wrote:
> Source: mutt
> Version: 2.0.2-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
> 
> 
> Hi,
> 
> This was reported at
> https://www.openwall.com/lists/oss-security/2021/01/17/2 and upstream
> apparently at https://gitlab.com/muttmua/mutt/-/issues/323 (not
> public).

Upstream issue #323 is now opened.

Regards,
Salvatore

Set Bug forwarded-to-address to 'https://gitlab.com/muttmua/mutt/-/issues/323'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Mon, 18 Jan 2021 07:48:04 GMT) (full text, mbox, link).

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Tue, 19 Jan 2021 07:54:02 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Tue, 19 Jan 2021 07:54:03 GMT) (full text, mbox, link).

Message #17 received at 980326@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: 980326@bugs.debian.org
Subject: Re: Bug#980326: mutt: mutt recipient parsing memory leak
Date: Tue, 19 Jan 2021 08:51:15 +0100
Hi,

On Mon, Jan 18, 2021 at 08:45:59AM +0100, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Sun, Jan 17, 2021 at 09:01:22PM +0100, Salvatore Bonaccorso wrote:
> > Source: mutt
> > Version: 2.0.2-1
> > Severity: important
> > Tags: security upstream
> > X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
> > 
> > 
> > Hi,
> > 
> > This was reported at
> > https://www.openwall.com/lists/oss-security/2021/01/17/2 and upstream
> > apparently at https://gitlab.com/muttmua/mutt/-/issues/323 (not
> > public).
> 
> Upstream issue #323 is now opened.

The commit in the stable branch is
https://gitlab.com/muttmua/mutt/-/commit/4a2becbdb4422aaffe3ce314991b9d670b7adf17

Regards,
Salvatore

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Tue, 19 Jan 2021 08:09:03 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Tue, 19 Jan 2021 08:09:03 GMT) (full text, mbox, link).

Message #22 received at 980326@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: 980326@bugs.debian.org
Subject: mutt: diff for NMU version 2.0.2-1.1
Date: Tue, 19 Jan 2021 09:07:37 +0100
[Message part 1 (text/plain, inline)]
Control: tags 980326 + patch
Control: tags 980326 + pending

Hi Antonio,

I've prepared an NMU for mutt (versioned as 2.0.2-1.1) and
uploaded it to DELAYED/10. Please feel free to tell me if I
should delay it longer (or shorter).

Actually IMHO it would be more sensible to rebase to the current
upstream version and cherry-pick the additional commits already queued
for stable.

Regards,
Salvatore

[mutt-2.0.2-1.1-nmu.diff (text/x-diff, attachment)]

Added tag(s) patch. Request was from Salvatore Bonaccorso <carnil@debian.org> to 980326-submit@bugs.debian.org. (Tue, 19 Jan 2021 08:09:03 GMT) (full text, mbox, link).

Added tag(s) pending. Request was from Salvatore Bonaccorso <carnil@debian.org> to 980326-submit@bugs.debian.org. (Tue, 19 Jan 2021 08:09:03 GMT) (full text, mbox, link).

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Tue, 19 Jan 2021 20:00:03 GMT) (full text, mbox, link).

Acknowledgement sent to Antonio Radici <antonio@debian.org>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Tue, 19 Jan 2021 20:00:03 GMT) (full text, mbox, link).

Message #31 received at 980326@bugs.debian.org (full text, mbox, reply):

From: Antonio Radici <antonio@debian.org>
To: Salvatore Bonaccorso <carnil@debian.org>, 980326@bugs.debian.org
Subject: Re: Bug#980326: mutt: diff for NMU version 2.0.2-1.1
Date: Tue, 19 Jan 2021 20:47:01 +0100
On Tue, Jan 19, 2021 at 09:07:37AM +0100, Salvatore Bonaccorso wrote:
> Control: tags 980326 + patch
> Control: tags 980326 + pending
> 
> Hi Antonio,
> 
> I've prepared an NMU for mutt (versioned as 2.0.2-1.1) and
> uploaded it to DELAYED/10. Please feel free to tell me if I
> should delay it longer (or shorter).
> 
> Actually IMHO it would be more sensible to rebase to the current
> upstream version and cherry-pick the additional commits already queued
> for stable.
> 

Thanks for the patch, I will upgrade to the latest upstream version by Sunday
this week, I have no problem with the NMU!

Does it make sense? When you talk about "additional commits already queued for
stable" what are you referring to?

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Tue, 19 Jan 2021 20:18:03 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Tue, 19 Jan 2021 20:18:03 GMT) (full text, mbox, link).

Message #36 received at 980326@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: 980326@bugs.debian.org
Subject: Re: Bug#980326: mutt: mutt recipient parsing memory leak
Date: Tue, 19 Jan 2021 21:15:29 +0100
Control: retitle -1 980326 mutt: CVE-2021-3181: mutt recipient parsing memory leak

On Sun, Jan 17, 2021 at 09:01:22PM +0100, Salvatore Bonaccorso wrote:
> Source: mutt
> Version: 2.0.2-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
> 
> 
> Hi,
> 
> This was reported at
> https://www.openwall.com/lists/oss-security/2021/01/17/2 and upstream
> apparently at https://gitlab.com/muttmua/mutt/-/issues/323 (not
> public).
> 
> Upstream fix: https://gitlab.com/muttmua/mutt/-/commit/c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545

This has CVE-2021-3181 assigned.

Regards,
Salvatore

Changed Bug title to '980326 mutt: CVE-2021-3181: mutt recipient parsing memory leak' from 'mutt: mutt recipient parsing memory leak'. Request was from Salvatore Bonaccorso <carnil@debian.org> to 980326-submit@bugs.debian.org. (Tue, 19 Jan 2021 20:18:03 GMT) (full text, mbox, link).

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Tue, 19 Jan 2021 20:33:03 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Tue, 19 Jan 2021 20:33:04 GMT) (full text, mbox, link).

Message #43 received at 980326@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Antonio Radici <antonio@debian.org>
Cc: 980326@bugs.debian.org, Debian Security Team <team@security.debian.org>
Subject: Re: Bug#980326: mutt: diff for NMU version 2.0.2-1.1
Date: Tue, 19 Jan 2021 21:28:12 +0100
Hi Antonio,

Thanks for the reply!

On Tue, Jan 19, 2021 at 08:47:01PM +0100, Antonio Radici wrote:
> On Tue, Jan 19, 2021 at 09:07:37AM +0100, Salvatore Bonaccorso wrote:
> > Control: tags 980326 + patch
> > Control: tags 980326 + pending
> > 
> > Hi Antonio,
> > 
> > I've prepared an NMU for mutt (versioned as 2.0.2-1.1) and
> > uploaded it to DELAYED/10. Please feel free to tell me if I
> > should delay it longer (or shorter).
> > 
> > Actually IMHO it would be more sensible to rebase to the current
> > upstream version and cherry-pick the additional commits already queued
> > for stable.
> > 
> 
> Thanks for the patch, I will upgrade to the latest upstream version by Sunday
> this week, I have no problem with the NMU!

Ok perfect :). Then I cancel the NMU!

> Does it make sense? When you talk about "additional commits already queued for
> stable" what are you referring to?

Yes defintively, I think that's the better option for unstable (and so
bullseye, just need to make sure it will migrate).

With additional commits I mean that after the 2.0.4 release (and since
no release was cut for 2.0.5) there are commits in
https://gitlab.com/muttmua/mutt/-/commits/stable/ which seems woth to
pick as well. Apart the above commit (which now has CVE-2021-3181
assigned) there are other commits like two more memory leak fixes.

Thanks for your work!

Regards,
Salvatore

Marked as found in versions mutt/1.10.1-2.1+deb10u4. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 19 Jan 2021 21:21:03 GMT) (full text, mbox, link).

Marked as found in versions mutt/1.10.1-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 19 Jan 2021 21:21:03 GMT) (full text, mbox, link).

Changed Bug title to 'mutt: CVE-2021-3181: mutt recipient parsing memory leak' from '980326 mutt: CVE-2021-3181: mutt recipient parsing memory leak'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 19 Jan 2021 22:30:04 GMT) (full text, mbox, link).

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Wed, 20 Jan 2021 18:33:05 GMT) (full text, mbox, link).

Acknowledgement sent to "Kevin J. McCarthy" <kevin@8t8.us>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Wed, 20 Jan 2021 18:33:05 GMT) (full text, mbox, link).

Message #54 received at 980326@bugs.debian.org (full text, mbox, reply):

From: "Kevin J. McCarthy" <kevin@8t8.us>
To: 980326@bugs.debian.org
Subject: Re: Bug#980326: mutt: diff for NMU version 2.0.2-1.1
Date: Wed, 20 Jan 2021 10:31:54 -0800
[Message part 1 (text/plain, inline)]
On Tue, Jan 19, 2021 at 08:47:01PM +0100, Antonio Radici wrote:
> Thanks for the patch, I will upgrade to the latest upstream version by Sunday
> this week

Antonio, if it helps, I can try to get a 2.0.5 release out before the 
weekend.

-Kevin

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Wed, 20 Jan 2021 21:39:02 GMT) (full text, mbox, link).

Acknowledgement sent to Antonio Radici <antonio@debian.org>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Wed, 20 Jan 2021 21:39:02 GMT) (full text, mbox, link).

Message #59 received at 980326@bugs.debian.org (full text, mbox, reply):

From: Antonio Radici <antonio@debian.org>
To: "Kevin J. McCarthy" <kevin@8t8.us>, 980326@bugs.debian.org
Subject: Re: Bug#980326: mutt: diff for NMU version 2.0.2-1.1
Date: Wed, 20 Jan 2021 22:36:59 +0100
On Wed, Jan 20, 2021 at 10:31:54AM -0800, Kevin J. McCarthy wrote:
> On Tue, Jan 19, 2021 at 08:47:01PM +0100, Antonio Radici wrote:
> > Thanks for the patch, I will upgrade to the latest upstream version by Sunday
> > this week
> 
> Antonio, if it helps, I can try to get a 2.0.5 release out before the
> weekend.

Hi Kevin,
yes that will definitely help so we will get additional commits that are not yet in 2.0.4.

If you can't make it by the weekend I should be able to find some time on Mon/Tue to do the upload!

Information forwarded to debian-bugs-dist@lists.debian.org, Mutt maintainers <mutt@packages.debian.org>:
Bug#980326; Package src:mutt. (Thu, 21 Jan 2021 21:39:05 GMT) (full text, mbox, link).

Acknowledgement sent to "Kevin J. McCarthy" <kevin@8t8.us>:
Extra info received and forwarded to list. Copy sent to Mutt maintainers <mutt@packages.debian.org>. (Thu, 21 Jan 2021 21:39:05 GMT) (full text, mbox, link).

Message #64 received at 980326@bugs.debian.org (full text, mbox, reply):

From: "Kevin J. McCarthy" <kevin@8t8.us>
To: Antonio Radici <antonio@debian.org>, 980326@bugs.debian.org
Subject: Re: Bug#980326: mutt: diff for NMU version 2.0.2-1.1
Date: Thu, 21 Jan 2021 13:30:45 -0800
[Message part 1 (text/plain, inline)]
On Wed, Jan 20, 2021 at 10:36:59PM +0100, Antonio Radici wrote:
>yes that will definitely help so we will get additional commits that are not yet in 2.0.4.
>
>If you can't make it by the weekend I should be able to find some time 
>on Mon/Tue to do the upload!

I've just released 2.0.5.  For this bug, it only contains the actual 
memory leak fix 
<https://gitlab.com/muttmua/mutt/-/commit/c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545>.

I was sorely tempted to include the other fix 
<https://gitlab.com/muttmua/mutt/-/commit/939b02b33ae29bc0d642570c1dcfd4b339037d19>, 
but in the end decided to be disciplined with a stable release.

There are actually a couple more fixes I plan on making to group 
parsing, but again in master, where they will have a bit more time to 
bake and uncover potential problems.

Thanks for making an upload.  It will be good to have the bug fixes in 
2.0.3+ in the next Debian release!

-Kevin




[signature.asc (application/pgp-signature, inline)]

Reply sent to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility. (Sun, 24 Jan 2021 18:33:03 GMT) (full text, mbox, link).

Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 24 Jan 2021 18:33:03 GMT) (full text, mbox, link).

Message #69 received at 980326-done@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: 980326-done@bugs.debian.org
Subject: [ftpmaster@ftp-master.debian.org: Accepted mutt 2.0.5-1 (source) into unstable]
Date: Sun, 24 Jan 2021 19:28:32 +0100
Source: mutt
Source-Version: 2.0.5-1

----- Forwarded message from Debian FTP Masters <ftpmaster@ftp-master.debian.org> -----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 24 Jan 2021 09:58:18 +0100
Source: mutt
Architecture: source
Version: 2.0.5-1
Distribution: unstable
Urgency: medium
Maintainer: Mutt maintainers <mutt@packages.debian.org>
Changed-By: Antonio Radici <antonio@debian.org>
Changes:
 mutt (2.0.5-1) unstable; urgency=medium
 .
   * Latest upstream release
     + contains fix for CVE-2021-3181.
   * debian/patches: all refreshed.
Checksums-Sha1:
 f778c78c988c5f4a5f6448d43fa64ec568968897 2307 mutt_2.0.5-1.dsc
 5254653d11f03e59d6a733f696076f4cebfa7324 5294710 mutt_2.0.5.orig.tar.gz
 0ea5fe0ef496229bea4f2f71cf23fee8372ca4c0 833 mutt_2.0.5.orig.tar.gz.asc
 60fa4002ffffa26316b12f6c0b7ca3ee3a9c05a4 60568 mutt_2.0.5-1.debian.tar.xz
 93747c4f9ed70b3af6f8be3304a0c82716d2b694 7968 mutt_2.0.5-1_amd64.buildinfo
Checksums-Sha256:
 66661e187a4a3924dff8a15f594bd7e078d34edb37a79a3251ddac1b6c6e48fa 2307 mutt_2.0.5-1.dsc
 e21d5aec0d3110f89d390929e56a38794a94f5843120d9ff59b21da78fd0004d 5294710 mutt_2.0.5.orig.tar.gz
 9deff041e96664c2871e04eff30c0c77ac35d8a35a515c749bcbf205656c622c 833 mutt_2.0.5.orig.tar.gz.asc
 d7ecda9fe57b53dd6754d4976969f3f88c4c2fdc02f8253be9fb7361fe70be21 60568 mutt_2.0.5-1.debian.tar.xz
 20305c0553a8c1c2157afcfb3cbf8efebfd01064d6f67e7132bf9efb08a0118a 7968 mutt_2.0.5-1_amd64.buildinfo
Files:
 9f4899f4bf43b0fe43c3fdedb19976b0 2307 mail optional mutt_2.0.5-1.dsc
 f738a7d1d458d91420fe0759845e4d0a 5294710 mail optional mutt_2.0.5.orig.tar.gz
 ca23b5285b3b22b1b9ce6541bcec6162 833 mail optional mutt_2.0.5.orig.tar.gz.asc
 a4426dac7bb6a5de4ee2358eb57a2f34 60568 mail optional mutt_2.0.5-1.debian.tar.xz
 b4eb28f6d4c3d4b1c1eba7dc41ad275d 7968 mail optional mutt_2.0.5-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAxFiEEQObYrBkA1SRrfOa1NcjIiHLLHu0FAmANOzsTHGFudG9uaW9A
ZGViaWFuLm9yZwAKCRA1yMiIcsse7UfSD/4nr32tZHdxM/Ao6Jj81ncNAq50lhoG
s5AY371x16s0aGIEOEPgtg4NW6DVrsZ9uEDeR3iQfle/0sl8iKGyY36nbqWlbX47
1Cq3Ux/iPdPEIdTr3m8HxDmE2RK4POdIcP/OfcGsaJ0pGZwnedqjWJDfR1N1oyaQ
8TQxrfUSXNjC4+BD1CNkiRS/QdZcVX+ECDeqqO4ZLa9ndq0ICj2ZiN0LK20DH+Am
xnZI+pC+T8xeqAp87lCWE6ZjqBiRn1sLyCZUTk0tVXku4/sfS2XHI2MLFOqXV8XH
XdgFAnPo+yq56t57shlGuy5GgUqFbkagh5sNjEX8T0IAKjbzmjGbCLbIQuF/0lLS
s2SxGduwcOY3FYUuP4MJh4fZjMCo4HkYHw+rF4UmbltU6fEEKs/73c0t/7EAG0mw
e3QLtOeNJ5FHEaVWn/rKZS6WBoKOeOg9TRI754uKnXBIFA6YlySkOaweO5CChrXF
4MeRhPEVyCdVYWtjV9/AbGzNJ99+8Ur45EZ1IhPMc0ravshucmYnBjiJvAZvyQOF
+bkPiGDfnWUDsdhqFwWHNZ8G/8OpwNxhu9ynykrtVcfHVutA17VbypOYDQvSv0+0
ULugZD5egkVMtsIwwYUuiKI1oHbicTlHKcNw8lA+v6w2czEwkPM6VpmnnxdEI2RI
kC2wBVe9uuft0Q==
=icjX
-----END PGP SIGNATURE-----

----- End forwarded message -----

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Jan 25 09:26:51 2021; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started