Vulnerabilities > Neomutt

DATE CVE VULNERABILITY TITLE RISK
2021-05-05 CVE-2021-32055 Out-of-bounds Read vulnerability in multiple products
Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma.
network
mutt neomutt CWE-125
5.8
2020-11-23 CVE-2020-28896 Insufficiently Protected Credentials vulnerability in multiple products
Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid.
network
high complexity
mutt neomutt debian CWE-522
2.6
2020-06-21 CVE-2020-14954 Injection vulnerability in multiple products
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3.
4.3
2018-07-17 CVE-2018-14363 Path Traversal vulnerability in multiple products
An issue was discovered in NeoMutt before 2018-07-16.
network
low complexity
debian neomutt CWE-22
5.0
2018-07-17 CVE-2018-14362 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-119
7.5
2018-07-17 CVE-2018-14361 Improper Input Validation vulnerability in multiple products
An issue was discovered in NeoMutt before 2018-07-16.
network
low complexity
debian neomutt CWE-20
7.5
2018-07-17 CVE-2018-14360 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in NeoMutt before 2018-07-16.
network
low complexity
debian neomutt CWE-787
7.5
2018-07-17 CVE-2018-14359 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-120
7.5
2018-07-17 CVE-2018-14358 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-787
7.5
2018-07-17 CVE-2018-14357 OS Command Injection vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian redhat CWE-78
7.5