Debian/mutt — 64 CVEs · VulnScope

pkg:Debian/mutt

64 total CVEsCRITICAL16HIGH1MEDIUM22LOW6

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2018-14362An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8CVE-2018-14361An issue was discovered in NeoMutt before 2018-07-16.
from 0, < 1.9.1-1
CRITICAL9.8An issue was discovered in NeoMutt before 2018-07-16.
from 0, < 1.9.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
CRITICAL9.8mutt - security update
from 0, < 1.5.23-3+deb8u1
CRITICAL9.8mutt - security update
from 0, < 1.7.2-1+deb9u1
CRITICAL9.8mutt - security update
from 0, < 1.10.1-1
CRITICAL9.1Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an ou…
from 0, < 2.0.5-4.1
HIGH7.5An issue was discovered in NeoMutt before 2018-07-16.
from 0, < 1.9.1-1
MEDIUM6.5In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a mess…
from 0
MEDIUM6.5mutt - security update
from 0, < 1.10.1-2.1+deb10u7
MEDIUM6.5mutt - security update
from 0, < 2.0.5-4.1+deb11u3
MEDIUM6.5mutt - security update
from 0, < 2.0.5-4.1+deb11u3
MEDIUM6.5mutt - security update
from 0, < 1.10.1-2.1+deb10u5
MEDIUM6.5mutt - security update
from 0, < 1.7.2-1+deb9u5
MEDIUM6.5mutt - security update
from 0, < 2.0.5-1
MEDIUM5.9Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3.
from 0, < 1.14.4-1
MEDIUM5.9neomutt - security update
from 0, < 1.5.23-3+deb8u2
MEDIUM5.9neomutt - security update
from 0, < 1.7.2-1+deb9u3
MEDIUM5.9neomutt - security update
from 0, < 1.5.23-3+deb8u3
MEDIUM5.9neomutt - security update
from 0, < 1.14.3-1
MEDIUM5.7Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12
from 0, < 2.0.5-4.1+deb11u3
MEDIUM5.5Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
from 0, < 1.5.20-7
MEDIUM5.3In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from th…
from 0
MEDIUM5.3In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unenc…
from 0
MEDIUM5.3mutt - security update
from 0, < 1.7.2-1+deb9u6
MEDIUM5.3mutt - security update
from 0, < 2.0.5-4.1+deb11u1
MEDIUM5.3mutt - security update
from 0, < 2.0.2-1
MEDIUM5.3mutt - security update
from 0, < 1.7.2-1+deb9u4
MEDIUM5.3An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
from 0, < 1.10.1-1
MEDIUM4.8Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate…
from 0, < 1.14.3-1
LOW3.7mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.
from 0
LOW3.7In mutt before 2.3.2, the imap_auth_gss security level is mishandled.
from 0
LOW3.7mutt before 2.3.2 does not check for '\0' in url_pct_decode.
from 0
LOW3.7mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest.
from 0
LOW3.7mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest.
from 0
LOW2.5mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.
from 0
—mutt - security update
from 0, < 1.5.20-9+squeeze4
—mutt - security update
from 0, < 1.5.23-2
—mutt - security update
from 0, < 1.5.21-6.2+deb7u3
—mutt - security update
from 0, < 1.5.22-2
—mutt - security update
from 0, < 1.5.20-9+squeeze3
—Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the…
from 0, < 1.5.21-5
—Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certifica…
from 0, < 1.5.20-1
—Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the o…
from 0, < 1.5.15+20070608-1
—icedove - several vulnerabilities
from 0, < 1.5.18-6
—Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishin…
from 0
—The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created wit…
from 0, < 1.5.13-1.1
—Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, al…
from 0, < 1.5.13-1.1
—mutt - buffer overflow
from 0, < 1.5.11+cvs20060403-2
—mutt - buffer overflow
from 0, < 1.5.9-2sarge2
—Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of…
from 0, < 1.5.6-20040722+1
—balsa - buffer overflow
from 0, < 1.3.28-2.2
—balsa - buffer overflow
from 0, < 1.4.0
—mutt - buffer overflow
from 0, < 1.5.4-1
—mutt - buffer overflow
from 0, < 1.3.28-2.1