muttmua/mutt
GitHub
Releases228
Frequency1 month 2 weeks
Last Release
Stars270
The Mutt E-Mail Client github mirror. Please use gitlab for issues/pull requests.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 3.7 LOW | — | ||
mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c. | |||
| 2.5 LOW | — | ||
mutt before 2.3.2 has a show_sig_summary NULL pointer dereference. | |||
| 3.7 LOW | — | ||
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest. | |||
| 3.7 LOW | — | ||
mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest. | |||
| 3.7 LOW | — | ||
mutt before 2.3.2 does not check for '\0' in url_pct_decode. | |||
| 3.7 LOW | — | ||
In mutt before 2.3.2, the imap_auth_gss security level is mishandled. | |||
| 5.9 MEDIUM | 4.3 MEDIUM | ||
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. | |||