373 matches found
CVE-2024-49394
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender...
CVE-2024-49393
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality...
PT-2024-10069
Name of the Vulnerable Software and Affected Versions mutt and neomutt affected versions not specified Description The issue is related to PGP encryption in mutt and neomutt, where the --hidden-recipient mode is not used. This may lead to the leakage of the Bcc email header field by inferring fro...
PT-2024-10072
Name of the Vulnerable Software and Affected Versions Mutt and NeoMutt affected versions not specified Description The issue is related to errors in cryptographic signature verification when processing header fields. This allows a remote attacker to modify the list of trusted recipients and...
OPENSUSE-SU-2024:11079-1 neomutt-20210205-3.3 on GA media
These are all security issues fixed in the neomutt-20210205-3.3 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12105-1 neomutt-20220429-1.1 on GA media
These are all security issues fixed in the neomutt-20220429-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11719-1 neomutt-20211029-1.1 on GA media
These are all security issues fixed in the neomutt-20211029-1.1 package on the GA media of openSUSE Tumbleweed...
openSUSE: Security Advisory for neomutt (openSUSE-SU-2022:10020-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : mutt (RLSA-2021:4181)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4181 advisory. - Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid...
Mageia: Security Advisory (MGASA-2023-0232)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0232 Updated mutt/neomutt packages fix security vulnerability
Out-of-bounds read in imap/util.c when an IMAP sequence set ends with a comma. CVE-2021-32055 Overflow in uudecoder in Mutt allows read past end of input line CVE-2022-1328...
Updated mutt/neomutt packages fix security vulnerability
Out-of-bounds read in imap/util.c when an IMAP sequence set ends with a comma. CVE-2021-32055 Overflow in uudecoder in Mutt allows read past end of input line CVE-2022-1328...
SUSE CVE-2018-14350
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...
SUSE CVE-2018-14349
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message...
SUSE CVE-2018-14354
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription...
SUSE CVE-2018-14353
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imapquotestring in imap/util.c has an integer underflow...
SUSE CVE-2018-14352
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imapquotestring in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow...
SUSE CVE-2018-14356
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID...
SUSE CVE-2018-14357
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription...
SUSE CVE-2018-14360
An issue was discovered in NeoMutt before 2018-07-16. nntpaddgroup in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage...