Total
45 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4875 | 2 Debian, Mutt | 2 Debian Linux, Mutt | 2024-08-29 | N/A | 5.7 MEDIUM |
| Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12 | |||||
| CVE-2023-4874 | 2 Debian, Mutt | 2 Debian Linux, Mutt | 2024-08-29 | N/A | 6.5 MEDIUM |
| Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12 | |||||
| CVE-2022-1328 | 3 Debian, Fedoraproject, Mutt | 3 Debian Linux, Fedora, Mutt | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line | |||||
| CVE-2021-32055 | 2 Mutt, Neomutt | 2 Mutt, Neomutt | 2024-02-28 | 5.8 MEDIUM | 9.1 CRITICAL |
| Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imap_qresync setting for QRESYNC is not enabled by default. | |||||
| CVE-2021-3181 | 3 Debian, Fedoraproject, Mutt | 3 Debian Linux, Fedora, Mutt | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see email messages from other persons. | |||||