Vulnerabilities > Mutt

DATE CVE VULNERABILITY TITLE RISK
2022-04-14 CVE-2022-1328 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line
network
low complexity
mutt debian CWE-120
5.0
2021-05-05 CVE-2021-32055 Out-of-bounds Read vulnerability in multiple products
Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma.
network
mutt neomutt CWE-125
5.8
2021-01-19 CVE-2021-3181 Resource Exhaustion vulnerability in multiple products
rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups).
4.3
2020-11-23 CVE-2020-28896 Insufficiently Protected Credentials vulnerability in multiple products
Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid.
network
high complexity
mutt neomutt debian CWE-522
2.6
2020-06-21 CVE-2020-14954 Injection vulnerability in multiple products
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3.
4.3
2020-06-15 CVE-2020-14154 Unspecified vulnerability in Mutt
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
network
mutt
5.8
2020-06-15 CVE-2020-14093 Cleartext Transmission of Sensitive Information vulnerability in multiple products
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
4.3
2019-11-01 CVE-2005-2351 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
local
low complexity
mutt debian CWE-668
2.1
2018-07-17 CVE-2018-14362 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-119
7.5
2018-07-17 CVE-2018-14359 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-120
7.5