{"url":"http://public2.vulnerablecode.io/api/packages/4947?format=json","purl":"pkg:deb/debian/mutt@1.5.18-6","type":"deb","namespace":"debian","name":"mutt","version":"1.5.18-6","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.3.2-1","latest_non_vulnerable_version":"2.3.2-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6266?format=json","vulnerability_id":"VCID-29an-2kma-fuf4","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14350","reference_id":"","reference_type":"","scores":[{"value":"0.03304","scoring_system":"epss","scoring_elements":"0.87462","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03304","scoring_system":"epss","scoring_elements":"0.87492","published_at":"2026-06-09T12:55:00Z"},{"value":"0.03304","scoring_system":"epss","scoring_elements":"0.87481","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03304","scoring_system":"epss","scoring_elements":"0.8748","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03304","scoring_system":"epss","scoring_elements":"0.87483","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03304","scoring_system":"epss","scoring_elements":"0.87482","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602922","reference_id":"1602922","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602922"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14350"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29an-2kma-fuf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6267?format=json","vulnerability_id":"VCID-2bm9-4ums-1ydg","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14349","reference_id":"","reference_type":"","scores":[{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76658","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76695","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76683","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76672","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76687","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76694","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602934","reference_id":"1602934","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602934"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14349"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2bm9-4ums-1ydg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5787?format=json","vulnerability_id":"VCID-3uy8-vqh9-r3hh","summary":"silent downgrade","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28896","reference_id":"","reference_type":"","scores":[{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27396","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27478","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.2744","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.2739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27463","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27529","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900826","reference_id":"1900826","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900826"},{"reference_url":"https://security.archlinux.org/ASA-202011-24","reference_id":"ASA-202011-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-24"},{"reference_url":"https://security.archlinux.org/ASA-202011-25","reference_id":"ASA-202011-25","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-25"},{"reference_url":"https://security.archlinux.org/AVG-1288","reference_id":"AVG-1288","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1288"},{"reference_url":"https://security.archlinux.org/AVG-1289","reference_id":"AVG-1289","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1289"},{"reference_url":"https://security.gentoo.org/glsa/202101-32","reference_id":"GLSA-202101-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4181","reference_id":"RHSA-2021:4181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4181"},{"reference_url":"https://usn.ubuntu.com/4645-1/","reference_id":"USN-4645-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4645-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-28896"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3uy8-vqh9-r3hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6257?format=json","vulnerability_id":"VCID-5ctn-49r3-nba2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14359","reference_id":"","reference_type":"","scores":[{"value":"0.04101","scoring_system":"epss","scoring_elements":"0.88804","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04101","scoring_system":"epss","scoring_elements":"0.88789","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04101","scoring_system":"epss","scoring_elements":"0.88821","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04101","scoring_system":"epss","scoring_elements":"0.88805","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604084","reference_id":"1604084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604084"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14359"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ctn-49r3-nba2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93821?format=json","vulnerability_id":"VCID-5mx1-cjrr-sycr","summary":"Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a \"begin TLS\" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka \"response injection.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14954","reference_id":"","reference_type":"","scores":[{"value":"0.0479","scoring_system":"epss","scoring_elements":"0.89662","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0479","scoring_system":"epss","scoring_elements":"0.8968","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0479","scoring_system":"epss","scoring_elements":"0.89681","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0479","scoring_system":"epss","scoring_elements":"0.89696","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850170","reference_id":"1850170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850170"},{"reference_url":"https://security.gentoo.org/glsa/202007-57","reference_id":"GLSA-202007-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-57"},{"reference_url":"https://usn.ubuntu.com/4403-1/","reference_id":"USN-4403-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4403-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-14954"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5mx1-cjrr-sycr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93816?format=json","vulnerability_id":"VCID-6nzw-zy6c-g7a5","summary":"Buffer overflow in copy.c in Mutt before 1.5.23 allows remote attackers to cause a denial of service (crash) via a crafted RFC2047 header line, related to address expansion.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0467","reference_id":"","reference_type":"","scores":[{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.83198","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.83224","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.83225","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.8322","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.83213","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1075860","reference_id":"1075860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1075860"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731","reference_id":"708731","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731"},{"reference_url":"https://security.gentoo.org/glsa/201406-05","reference_id":"GLSA-201406-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0304","reference_id":"RHSA-2014:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0304"},{"reference_url":"https://usn.ubuntu.com/2147-1/","reference_id":"USN-2147-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2147-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4950?format=json","purl":"pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6nzw-zy6c-g7a5"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-qmke-6aj3-cyf9"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/4951?format=json","purl":"pkg:deb/debian/mutt@1.5.23-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3"}],"aliases":["CVE-2014-0467"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6nzw-zy6c-g7a5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93811?format=json","vulnerability_id":"VCID-6qg2-4vys-3qex","summary":"Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote attackers to spoof trusted servers via a man-in-the-middle attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1390","reference_id":"","reference_type":"","scores":[{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63259","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63302","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.6331","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63299","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63286","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63304","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=504979","reference_id":"504979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=504979"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4948?format=json","purl":"pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6nzw-zy6c-g7a5"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-863c-wuf3-vfcw"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-qmke-6aj3-cyf9"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3"}],"aliases":["CVE-2009-1390"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qg2-4vys-3qex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7063?format=json","vulnerability_id":"VCID-6vwr-jyu5-7bhg","summary":"information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32055","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59044","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59052","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59043","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59027","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58999","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59047","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32055"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957451","reference_id":"1957451","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957451"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106","reference_id":"988106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107","reference_id":"988107","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107"},{"reference_url":"https://security.archlinux.org/AVG-1922","reference_id":"AVG-1922","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1922"},{"reference_url":"https://security.archlinux.org/AVG-1923","reference_id":"AVG-1923","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1923"},{"reference_url":"https://security.gentoo.org/glsa/202105-05","reference_id":"GLSA-202105-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-05"},{"reference_url":"https://usn.ubuntu.com/5392-1/","reference_id":"USN-5392-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5392-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2021-32055"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vwr-jyu5-7bhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6254?format=json","vulnerability_id":"VCID-7ta6-tmu9-qkes","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14362","reference_id":"","reference_type":"","scores":[{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.83165","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.83193","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.83187","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.83181","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.83191","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.83192","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602079","reference_id":"1602079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602079"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2526","reference_id":"RHSA-2018:2526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2526"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14362"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ta6-tmu9-qkes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93815?format=json","vulnerability_id":"VCID-863c-wuf3-vfcw","summary":"Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1429","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47928","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47991","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51522","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.515","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51466","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55783","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1429"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216","reference_id":"619216","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=688755","reference_id":"688755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=688755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0959","reference_id":"RHSA-2011:0959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0959"},{"reference_url":"https://usn.ubuntu.com/1221-1/","reference_id":"USN-1221-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1221-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4950?format=json","purl":"pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6nzw-zy6c-g7a5"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-qmke-6aj3-cyf9"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3"}],"aliases":["CVE-2011-1429"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-863c-wuf3-vfcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6261?format=json","vulnerability_id":"VCID-8qj4-efgv-cfa1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14355","reference_id":"","reference_type":"","scores":[{"value":"0.00808","scoring_system":"epss","scoring_elements":"0.74555","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00808","scoring_system":"epss","scoring_elements":"0.74589","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00808","scoring_system":"epss","scoring_elements":"0.7458","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00808","scoring_system":"epss","scoring_elements":"0.74562","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00808","scoring_system":"epss","scoring_elements":"0.74586","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00808","scoring_system":"epss","scoring_elements":"0.74592","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602081","reference_id":"1602081","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602081"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1126","reference_id":"RHSA-2020:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1126"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14355"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qj4-efgv-cfa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6258?format=json","vulnerability_id":"VCID-9e6v-c62e-rfcm","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14358","reference_id":"","reference_type":"","scores":[{"value":"0.01378","scoring_system":"epss","scoring_elements":"0.80598","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01378","scoring_system":"epss","scoring_elements":"0.80638","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01378","scoring_system":"epss","scoring_elements":"0.80621","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01378","scoring_system":"epss","scoring_elements":"0.80617","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01378","scoring_system":"epss","scoring_elements":"0.80623","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01378","scoring_system":"epss","scoring_elements":"0.80625","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604064","reference_id":"1604064","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604064"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14358"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9e6v-c62e-rfcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6264?format=json","vulnerability_id":"VCID-9faq-7ug9-2qfz","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14352","reference_id":"","reference_type":"","scores":[{"value":"0.03367","scoring_system":"epss","scoring_elements":"0.87577","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03367","scoring_system":"epss","scoring_elements":"0.87608","published_at":"2026-06-09T12:55:00Z"},{"value":"0.03367","scoring_system":"epss","scoring_elements":"0.87597","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03367","scoring_system":"epss","scoring_elements":"0.87596","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03367","scoring_system":"epss","scoring_elements":"0.87598","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604034","reference_id":"1604034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604034"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14352"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9faq-7ug9-2qfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6260?format=json","vulnerability_id":"VCID-d3um-x65k-wkcw","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14356","reference_id":"","reference_type":"","scores":[{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76658","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76695","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76683","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76672","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76687","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76694","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604047","reference_id":"1604047","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604047"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14356"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3um-x65k-wkcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6255?format=json","vulnerability_id":"VCID-dhda-7ss4-p7fz","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14361","reference_id":"","reference_type":"","scores":[{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.61134","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.61077","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.61126","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.61123","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.61121","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.61103","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14361"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dhda-7ss4-p7fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6256?format=json","vulnerability_id":"VCID-f56e-963w-gka8","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14360","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55143","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55202","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55209","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.552","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55181","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14360"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f56e-963w-gka8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6259?format=json","vulnerability_id":"VCID-hf2r-ve96-xfeb","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14357","reference_id":"","reference_type":"","scores":[{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85712","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85733","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85737","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85718","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85734","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602915","reference_id":"1602915","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602915"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2526","reference_id":"RHSA-2018:2526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2526"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14357"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hf2r-ve96-xfeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93820?format=json","vulnerability_id":"VCID-hpg1-nft4-5ket","summary":"Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14154","reference_id":"","reference_type":"","scores":[{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.72221","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.72263","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.72269","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.72248","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.72234","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.7226","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848287","reference_id":"1848287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848287"},{"reference_url":"https://security.gentoo.org/glsa/202007-57","reference_id":"GLSA-202007-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-57"},{"reference_url":"https://usn.ubuntu.com/4401-1/","reference_id":"USN-4401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-14154"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hpg1-nft4-5ket"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6263?format=json","vulnerability_id":"VCID-ka9r-zy4r-kfhn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14353","reference_id":"","reference_type":"","scores":[{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81955","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81999","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81991","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81984","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81989","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.8199","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604040","reference_id":"1604040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604040"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14353"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka9r-zy4r-kfhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93824?format=json","vulnerability_id":"VCID-kyzk-vwd8-a3a2","summary":"Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4874","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25706","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25815","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25806","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.2576","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25701","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563","reference_id":"1051563","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238240","reference_id":"2238240","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238240"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_id":"452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch","reference_id":"a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2290","reference_id":"RHSA-2024:2290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3058","reference_id":"RHSA-2024:3058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3058"},{"reference_url":"https://usn.ubuntu.com/6374-1/","reference_id":"USN-6374-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-1/"},{"reference_url":"https://usn.ubuntu.com/6374-2/","reference_id":"USN-6374-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2023-4874"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kyzk-vwd8-a3a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93822?format=json","vulnerability_id":"VCID-my3h-m8rf-wud8","summary":"rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see email messages from other persons.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3181","reference_id":"","reference_type":"","scores":[{"value":"0.02801","scoring_system":"epss","scoring_elements":"0.86387","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02801","scoring_system":"epss","scoring_elements":"0.86408","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02801","scoring_system":"epss","scoring_elements":"0.86407","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02801","scoring_system":"epss","scoring_elements":"0.86395","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02801","scoring_system":"epss","scoring_elements":"0.8641","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02801","scoring_system":"epss","scoring_elements":"0.86411","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1920446","reference_id":"1920446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1920446"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326","reference_id":"980326","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326"},{"reference_url":"https://security.archlinux.org/ASA-202101-43","reference_id":"ASA-202101-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-43"},{"reference_url":"https://security.archlinux.org/AVG-1476","reference_id":"AVG-1476","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1476"},{"reference_url":"https://security.gentoo.org/glsa/202101-25","reference_id":"GLSA-202101-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4181","reference_id":"RHSA-2021:4181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4181"},{"reference_url":"https://usn.ubuntu.com/4703-1/","reference_id":"USN-4703-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4703-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2021-3181"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-my3h-m8rf-wud8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6265?format=json","vulnerability_id":"VCID-paz7-2kzy-hbb3","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14351","reference_id":"","reference_type":"","scores":[{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76658","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76695","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76683","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76672","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76687","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76694","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602953","reference_id":"1602953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602953"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14351"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-paz7-2kzy-hbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93817?format=json","vulnerability_id":"VCID-qmke-6aj3-cyf9","summary":"The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9116","reference_id":"","reference_type":"","scores":[{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87846","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87868","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.8787","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87872","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87884","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1168463","reference_id":"1168463","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1168463"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125","reference_id":"771125","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125"},{"reference_url":"https://security.gentoo.org/glsa/201701-04","reference_id":"GLSA-201701-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-04"},{"reference_url":"https://usn.ubuntu.com/2440-1/","reference_id":"USN-2440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4950?format=json","purl":"pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6nzw-zy6c-g7a5"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-qmke-6aj3-cyf9"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/4951?format=json","purl":"pkg:deb/debian/mutt@1.5.23-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3"}],"aliases":["CVE-2014-9116"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmke-6aj3-cyf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93804?format=json","vulnerability_id":"VCID-qzpr-ef6q-wfgt","summary":"Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2351","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32286","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32358","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32327","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3229","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3226","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32283","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1768449","reference_id":"1768449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1768449"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296","reference_id":"311296","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4948?format=json","purl":"pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6nzw-zy6c-g7a5"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-863c-wuf3-vfcw"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-qmke-6aj3-cyf9"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3"}],"aliases":["CVE-2005-2351"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzpr-ef6q-wfgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6262?format=json","vulnerability_id":"VCID-shkc-6sp1-k3g7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14354","reference_id":"","reference_type":"","scores":[{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85712","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85733","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85737","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85718","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0253","scoring_system":"epss","scoring_elements":"0.85734","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602069","reference_id":"1602069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2526","reference_id":"RHSA-2018:2526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2526"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14354"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shkc-6sp1-k3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6253?format=json","vulnerability_id":"VCID-v7r1-m3qa-pke6","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14363","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47055","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46987","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47052","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47018","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47037","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47008","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14363"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14363"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v7r1-m3qa-pke6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93825?format=json","vulnerability_id":"VCID-vc5k-wqag-sybt","summary":"Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4875","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08778","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08788","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08804","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08784","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08737","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563","reference_id":"1051563","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238241","reference_id":"2238241","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238241"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_id":"452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch","reference_id":"4cc3128abdf52c615911589394a03271fddeefc6.patch","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2290","reference_id":"RHSA-2024:2290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3058","reference_id":"RHSA-2024:3058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3058"},{"reference_url":"https://usn.ubuntu.com/6374-1/","reference_id":"USN-6374-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-1/"},{"reference_url":"https://usn.ubuntu.com/6374-2/","reference_id":"USN-6374-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2023-4875"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vc5k-wqag-sybt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93819?format=json","vulnerability_id":"VCID-w4hb-fvf3-bqch","summary":"Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14093","reference_id":"","reference_type":"","scores":[{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88428","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88446","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88448","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88462","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848360","reference_id":"1848360","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848360"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897","reference_id":"962897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897"},{"reference_url":"https://security.gentoo.org/glsa/202007-57","reference_id":"GLSA-202007-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-57"},{"reference_url":"https://usn.ubuntu.com/4401-1/","reference_id":"USN-4401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4952?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5634?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-14093"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w4hb-fvf3-bqch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93823?format=json","vulnerability_id":"VCID-yk7q-1chf-qbat","summary":"Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1328","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50757","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50817","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50822","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50801","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5077","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50786","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734","reference_id":"1009734","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735","reference_id":"1009735","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2076058","reference_id":"2076058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2076058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7640","reference_id":"RHSA-2022:7640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8219","reference_id":"RHSA-2022:8219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8219"},{"reference_url":"https://usn.ubuntu.com/5392-1/","reference_id":"USN-5392-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5392-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5826?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-384p-2zvm-73by"},{"vulnerability":"VCID-ad68-7m68-muf7"},{"vulnerability":"VCID-n3nh-4ugd-jbfz"},{"vulnerability":"VCID-r1xx-evxg-xqft"},{"vulnerability":"VCID-stwf-bxrj-rqca"},{"vulnerability":"VCID-z7a9-hn8u-63db"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2022-1328"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yk7q-1chf-qbat"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3126?format=json","vulnerability_id":"VCID-n6na-y3zc-eqa2","summary":"Gaëtan Leurent informed us of a weakness in APOP\nauthentication that could allow an attacker to recover the first\npart of your mail password if the attacker could interpose\na malicious mail server on your network masquerading as your legitimate\nmail server. With normal settings it could take several hours for\nthe attacker to gather enough data to recover just a few characters\nof the password. This result was presented at the\nFast Software Encryption 2007 conference.In a rump session at the same conference a team from The University of\nElectro-Communications claimed that a variant on the same hash-collision\nattack allowed them to recover a 31 character password.Fixed versions of Thunderbird and SeaMonkey mail prevent this\ntechnique by stricter enforcement of the Message-ID format used\nby APOP.POP mail accounts which do not use any authentication are\ncommon and in the same hypothetical situation the password could\nbe recovered immediately without any special programming on the\nattacker's part.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1558","reference_id":"","reference_type":"","scores":[{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94326","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94335","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94336","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94337","published_at":"2026-06-08T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94342","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1558"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=241191","reference_id":"241191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=241191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558","reference_id":"CVE-2007-1558","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558"},{"reference_url":"https://security.gentoo.org/glsa/200706-06","reference_id":"GLSA-200706-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200706-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-15","reference_id":"mfsa2007-15","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0344","reference_id":"RHSA-2007:0344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0353","reference_id":"RHSA-2007:0353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0385","reference_id":"RHSA-2007:0385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0386","reference_id":"RHSA-2007:0386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0401","reference_id":"RHSA-2007:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0402","reference_id":"RHSA-2007:0402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1140","reference_id":"RHSA-2009:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1140"},{"reference_url":"https://usn.ubuntu.com/469-1/","reference_id":"USN-469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/469-1/"},{"reference_url":"https://usn.ubuntu.com/520-1/","reference_id":"USN-520-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/520-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4947?format=json","purl":"pkg:deb/debian/mutt@1.5.18-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6nzw-zy6c-g7a5"},{"vulnerability":"VCID-6qg2-4vys-3qex"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-863c-wuf3-vfcw"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-qmke-6aj3-cyf9"},{"vulnerability":"VCID-qzpr-ef6q-wfgt"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6"}],"aliases":["CVE-2007-1558"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6na-y3zc-eqa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93810?format=json","vulnerability_id":"VCID-ysb2-avrk-vuc1","summary":"Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via \"&\" characters in the GECOS field, which triggers the overflow during alias expansion.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2683","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3303","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33133","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33146","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33109","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38786","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38797","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=239890","reference_id":"239890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=239890"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116","reference_id":"426116","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt","reference_id":"CVE-2007-2683;OSVDB-34973","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt"},{"reference_url":"https://www.securityfocus.com/bid/24192/info","reference_id":"CVE-2007-2683;OSVDB-34973","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/24192/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0386","reference_id":"RHSA-2007:0386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0386"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4947?format=json","purl":"pkg:deb/debian/mutt@1.5.18-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29an-2kma-fuf4"},{"vulnerability":"VCID-2bm9-4ums-1ydg"},{"vulnerability":"VCID-3uy8-vqh9-r3hh"},{"vulnerability":"VCID-5ctn-49r3-nba2"},{"vulnerability":"VCID-5mx1-cjrr-sycr"},{"vulnerability":"VCID-6nzw-zy6c-g7a5"},{"vulnerability":"VCID-6qg2-4vys-3qex"},{"vulnerability":"VCID-6vwr-jyu5-7bhg"},{"vulnerability":"VCID-7ta6-tmu9-qkes"},{"vulnerability":"VCID-863c-wuf3-vfcw"},{"vulnerability":"VCID-8qj4-efgv-cfa1"},{"vulnerability":"VCID-9e6v-c62e-rfcm"},{"vulnerability":"VCID-9faq-7ug9-2qfz"},{"vulnerability":"VCID-d3um-x65k-wkcw"},{"vulnerability":"VCID-dhda-7ss4-p7fz"},{"vulnerability":"VCID-f56e-963w-gka8"},{"vulnerability":"VCID-hf2r-ve96-xfeb"},{"vulnerability":"VCID-hpg1-nft4-5ket"},{"vulnerability":"VCID-ka9r-zy4r-kfhn"},{"vulnerability":"VCID-kyzk-vwd8-a3a2"},{"vulnerability":"VCID-my3h-m8rf-wud8"},{"vulnerability":"VCID-paz7-2kzy-hbb3"},{"vulnerability":"VCID-qmke-6aj3-cyf9"},{"vulnerability":"VCID-qzpr-ef6q-wfgt"},{"vulnerability":"VCID-shkc-6sp1-k3g7"},{"vulnerability":"VCID-v7r1-m3qa-pke6"},{"vulnerability":"VCID-vc5k-wqag-sybt"},{"vulnerability":"VCID-w4hb-fvf3-bqch"},{"vulnerability":"VCID-yk7q-1chf-qbat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6"}],"aliases":["CVE-2007-2683"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ysb2-avrk-vuc1"}],"risk_score":"4.3","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6"}