Vulnerabilities > Mutt

DATE CVE VULNERABILITY TITLE RISK
2020-11-23 CVE-2020-28896 Insufficiently Protected Credentials vulnerability in multiple products
Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid.
network
high complexity
mutt neomutt debian CWE-522
2.6
2020-06-21 CVE-2020-14954 Injection vulnerability in multiple products
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3.
4.3
2020-06-15 CVE-2020-14154 Unspecified vulnerability in Mutt
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
network
mutt
5.8
2020-06-15 CVE-2020-14093 Information Exposure vulnerability in Mutt
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
network
mutt CWE-200
4.3
2019-11-01 CVE-2005-2351 Exposure of Resource TO Wrong Sphere vulnerability in multiple products
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
local
low complexity
mutt debian CWE-668
2.1
2018-07-17 CVE-2018-14362 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-119
7.5
2018-07-17 CVE-2018-14359 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-120
7.5
2018-07-17 CVE-2018-14358 Out-Of-Bounds Write vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-787
7.5
2018-07-17 CVE-2018-14357 OS Command Injection vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-78
7.5
2018-07-17 CVE-2018-14356 Access of Uninitialized Pointer vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
debian mutt neomutt canonical CWE-824
7.5