PRIOn knowledge basePRION:CVE-2018-14363

HistoryJul 17, 2018 - 5:29 p.m.

Design/Logic Flaw

2018-07-1717:29:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.3%

JSON

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict ‘/’ characters that may have unsafe interaction with cache pathnames.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq9.0
neomuttlt20180716

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	9.0
neomutt	lt	20180716

References

github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e

lists.debian.org/debian-lts-announce/2018/08/msg00001.html

neomutt.org/2018/07/16/release

www.debian.org/security/2018/dsa-4277