Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Neomutt
(Neomutt)| Repositories | https://github.com/neomutt/neomutt |
| #Vulnerabilities | 18 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-17 | CVE-2018-14357 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription. | Ubuntu_linux, Debian_linux, Mutt, Neomutt, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2018-07-17 | CVE-2018-14354 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription. | Ubuntu_linux, Debian_linux, Mutt, Neomutt, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2018-07-17 | CVE-2018-14363 | An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames. | Debian_linux, Neomutt | 7.5 | ||
| 2018-07-17 | CVE-2018-14362 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character. | Ubuntu_linux, Debian_linux, Mutt, Neomutt, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 9.8 | ||
| 2018-07-17 | CVE-2018-14361 | An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data. | Debian_linux, Neomutt | 9.8 | ||
| 2018-07-17 | CVE-2018-14360 | An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage. | Debian_linux, Neomutt | 9.8 | ||
| 2018-07-17 | CVE-2018-14359 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data. | Ubuntu_linux, Debian_linux, Mutt, Neomutt | 9.8 | ||
| 2018-07-17 | CVE-2018-14358 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field. | Ubuntu_linux, Debian_linux, Mutt, Neomutt | 9.8 | ||
| 2018-07-17 | CVE-2018-14356 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID. | Ubuntu_linux, Debian_linux, Mutt, Neomutt | 9.8 | ||
| 2018-07-17 | CVE-2018-14355 | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name. | Ubuntu_linux, Debian_linux, Mutt, Neomutt | 5.3 |