Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 10 of 41 results

CVE-2024-49395

Medium priority
Needs evaluation

In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.

2 affected packages

mutt, neomutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
neomutt Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-49394

Medium priority
Needs evaluation

In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.

2 affected packages

mutt, neomutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
neomutt Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-49393

Medium priority
Needs evaluation

In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise...

2 affected packages

mutt, neomutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
neomutt Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-4875

Medium priority
Fixed

Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12

1 affected packages

mutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-4874

Medium priority
Fixed

Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12

1 affected packages

mutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-1328

Medium priority

Some fixes available 10 of 19

Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line

2 affected packages

mutt, neomutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Fixed Fixed Fixed Fixed Fixed
neomutt Needs evaluation Needs evaluation Vulnerable Vulnerable Ignored
Show less packages

CVE-2021-32055

Low priority

Some fixes available 2 of 15

Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the...

2 affected packages

mutt, neomutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Not affected Not affected Fixed Not affected Fixed
neomutt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2021-3181

Medium priority
Fixed

rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of...

1 affected packages

mutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Fixed Fixed Fixed
Show less packages

CVE-2020-28896

Medium priority

Some fixes available 4 of 7

Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue...

2 affected packages

mutt, neomutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Not affected Not affected Fixed Fixed Fixed
neomutt Not affected Not affected Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2020-14954

Medium priority

Some fixes available 4 of 7

Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a...

2 affected packages

mutt, neomutt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mutt Not affected Not affected Fixed Fixed Fixed
neomutt Not affected Not affected Needs evaluation Needs evaluation Not in release
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON