Filtered by vendor Mutt Subscriptions
Filtered by product Mutt Subscriptions
Total 45 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0473 5 Conectiva, Immunix, Mandrakesoft and 2 more 5 Linux, Immunix, Mandrake Linux and 2 more 2024-11-21 N/A
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
CVE-1999-0941 1 Mutt 1 Mutt 2024-11-21 N/A
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.
CVE-2024-49395 3 Mutt, Neomutt, Redhat 3 Mutt, Neomutt, Enterprise Linux 2024-11-16 5.3 Medium
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
CVE-2024-49394 3 Mutt, Neomutt, Redhat 3 Mutt, Neomutt, Enterprise Linux 2024-11-16 5.3 Medium
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.
CVE-2024-49393 3 Mutt, Neomutt, Redhat 3 Mutt, Neomutt, Enterprise Linux 2024-11-16 7.4 High
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.