neomutt

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A version of mutt with added features
Version 20191207-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-740 20180622-2 20180716-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2018-14363 AVG-740 Medium Yes Directory traversal
An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.
CVE-2018-14362 AVG-740 Medium Yes Directory traversal
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with...
CVE-2018-14361 AVG-740 Medium Yes Denial of service
An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.
CVE-2018-14360 AVG-740 Medium Yes Arbitrary code execution
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.
CVE-2018-14359 AVG-740 High Yes Arbitrary code execution
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
CVE-2018-14358 AVG-740 Medium Yes Arbitrary code execution
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a...
CVE-2018-14357 AVG-740 High Yes Arbitrary command execution
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote...
CVE-2018-14356 AVG-740 Medium Yes Insufficient validation
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.F
CVE-2018-14355 AVG-740 Medium Yes Directory traversal
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
CVE-2018-14354 AVG-740 Medium Yes Arbitrary command execution
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote...
CVE-2018-14353 AVG-740 Medium Yes Denial of service
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.
CVE-2018-14352 AVG-740 Medium Yes Denial of service
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters,...
CVE-2018-14351 AVG-740 Medium Yes Denial of service
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.
CVE-2018-14350 AVG-740 Medium Yes Denial of service
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a...
CVE-2018-14349 AVG-740 Medium Yes Incorrect calculation
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.