{"url":"http://public2.vulnerablecode.io/api/packages/571935?format=json","purl":"pkg:deb/debian/mutt@0.95.3-0.2","type":"deb","namespace":"debian","name":"mutt","version":"0.95.3-0.2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.0.5-4.1+deb11u3","latest_non_vulnerable_version":"2.0.5-4.1+deb11u3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73744?format=json","vulnerability_id":"VCID-2jga-eah6-6bhb","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14361","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58968","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58984","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58939","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58814","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58889","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58911","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58878","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.5893","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58936","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58954","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58937","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58918","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58952","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58956","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58934","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58917","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58933","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58927","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14361","reference_id":"CVE-2018-14361","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14361"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14361"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jga-eah6-6bhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51878?format=json","vulnerability_id":"VCID-45b7-9f4d-ryac","summary":"A heap-based buffer overflow in Mutt might allow remote attackers\n    to cause a Denial of Service condition.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0509.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0509.html"},{"reference_url":"http://dev.mutt.org/trac/ticket/3716","reference_id":"","reference_type":"","scores":[],"url":"http://dev.mutt.org/trac/ticket/3716"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9116","reference_id":"","reference_type":"","scores":[{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87728","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87578","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87587","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.876","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87603","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87623","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.8764","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87636","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87633","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87648","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87646","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87663","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.8767","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87668","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87684","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.877","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87718","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03515","scoring_system":"epss","scoring_elements":"0.87714","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9116"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116"},{"reference_url":"http://www.debian.org/security/2014/dsa-3083","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3083"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:245","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:245"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:078","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:078"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/11/27/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/11/27/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/11/27/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/11/27/9"},{"reference_url":"http://www.securityfocus.com/bid/71334","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71334"},{"reference_url":"http://www.securitytracker.com/id/1031266","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031266"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1168463","reference_id":"1168463","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1168463"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.5.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:1.5.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.5.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9116","reference_id":"CVE-2014-9116","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9116"},{"reference_url":"https://security.gentoo.org/glsa/201701-04","reference_id":"GLSA-201701-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-04"},{"reference_url":"https://usn.ubuntu.com/2440-1/","reference_id":"USN-2440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571944?format=json","purl":"pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037128?format=json","purl":"pkg:deb/debian/mutt@1.5.23-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3"}],"aliases":["CVE-2014-9116"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45b7-9f4d-ryac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59547?format=json","vulnerability_id":"VCID-4hym-sx7t-qbh1","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14355","reference_id":"","reference_type":"","scores":[{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73054","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73225","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73193","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.7322","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73241","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73202","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73063","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73084","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73058","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73095","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73108","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73133","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73112","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73149","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73151","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73187","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.732","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73199","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602081","reference_id":"1602081","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602081"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14355","reference_id":"CVE-2018-14355","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14355"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1126","reference_id":"RHSA-2020:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1126"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14355"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hym-sx7t-qbh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73743?format=json","vulnerability_id":"VCID-4zbn-7d8g-5bgx","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14360","reference_id":"","reference_type":"","scores":[{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52695","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52686","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.5273","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52641","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52685","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52712","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52727","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52722","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52772","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52755","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52739","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52777","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52785","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52768","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52718","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52728","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52689","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52633","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14360","reference_id":"CVE-2018-14360","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14360"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14360"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zbn-7d8g-5bgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59548?format=json","vulnerability_id":"VCID-4zs7-nyzq-zydh","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14356","reference_id":"","reference_type":"","scores":[{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75224","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75407","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75365","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75395","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.7542","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75399","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75227","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75236","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75279","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75289","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.7531","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75316","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75323","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75314","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75349","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75354","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75357","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604047","reference_id":"1604047","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604047"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14356","reference_id":"CVE-2018-14356","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14356"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14356"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zs7-nyzq-zydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61880?format=json","vulnerability_id":"VCID-5dxq-th2e-eke5","summary":"A vulnerability in Mutt and NeoMutt could lead to a Denial of\n    Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32055","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58599","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58718","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58659","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58704","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58762","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58682","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58703","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.5867","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58722","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58728","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58747","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58708","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58742","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58746","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58724","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58693","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58707","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58692","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32055"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957451","reference_id":"1957451","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957451"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106","reference_id":"988106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107","reference_id":"988107","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107"},{"reference_url":"https://security.archlinux.org/AVG-1922","reference_id":"AVG-1922","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1922"},{"reference_url":"https://security.archlinux.org/AVG-1923","reference_id":"AVG-1923","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1923"},{"reference_url":"https://security.gentoo.org/glsa/202105-05","reference_id":"GLSA-202105-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-05"},{"reference_url":"https://usn.ubuntu.com/5392-1/","reference_id":"USN-5392-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5392-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2021-32055"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dxq-th2e-eke5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59551?format=json","vulnerability_id":"VCID-7f9n-6yxm-zuhu","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14359","reference_id":"","reference_type":"","scores":[{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88049","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88191","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88152","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88166","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.8818","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88178","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88058","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88072","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88078","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88113","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88105","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88119","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88117","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88135","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.88141","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03811","scoring_system":"epss","scoring_elements":"0.8814","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604084","reference_id":"1604084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604084"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14359","reference_id":"CVE-2018-14359","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14359"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14359"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7f9n-6yxm-zuhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50770?format=json","vulnerability_id":"VCID-86dz-udh7-7kd5","summary":"A weakness was discovered in Mutt and NeoMutt's TLS handshake\n    handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28896","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26714","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2636","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26359","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26415","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26343","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2676","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26801","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26585","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26652","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26703","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26707","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26663","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26606","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26613","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26546","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26488","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26481","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26422","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2629","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900826","reference_id":"1900826","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900826"},{"reference_url":"https://security.archlinux.org/ASA-202011-24","reference_id":"ASA-202011-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-24"},{"reference_url":"https://security.archlinux.org/ASA-202011-25","reference_id":"ASA-202011-25","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-25"},{"reference_url":"https://security.archlinux.org/AVG-1288","reference_id":"AVG-1288","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1288"},{"reference_url":"https://security.archlinux.org/AVG-1289","reference_id":"AVG-1289","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1289"},{"reference_url":"https://security.gentoo.org/glsa/202101-32","reference_id":"GLSA-202101-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4181","reference_id":"RHSA-2021:4181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4181"},{"reference_url":"https://usn.ubuntu.com/4645-1/","reference_id":"USN-4645-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4645-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-28896"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-86dz-udh7-7kd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91090?format=json","vulnerability_id":"VCID-8azh-711b-xuap","summary":"Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0167","reference_id":"","reference_type":"","scores":[{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76036","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76039","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76071","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76051","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76084","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76098","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76123","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.761","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76097","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76138","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76141","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76125","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76164","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76174","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76186","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76195","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76225","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76247","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76234","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76249","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0167"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571938?format=json","purl":"pkg:deb/debian/mutt@1.5.9-2sarge2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-8mtv-crbm-m7e5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-bqzg-b5zw-b3h6"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fu71-npm3-8bat"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-yeqc-es13-3ffr"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.9-2sarge2"}],"aliases":["CVE-2003-0167"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8azh-711b-xuap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88812?format=json","vulnerability_id":"VCID-8mtv-crbm-m7e5","summary":"Multiple mutt tempfile race conditions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5297.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5297.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5297","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28941","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29016","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29066","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28874","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28942","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28984","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28988","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28944","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28895","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28919","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28848","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.2873","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28618","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28548","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28389","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28445","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28468","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.2839","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28411","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=211085","reference_id":"211085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=211085"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104","reference_id":"396104","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0386","reference_id":"RHSA-2007:0386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0386"},{"reference_url":"https://usn.ubuntu.com/373-1/","reference_id":"USN-373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571939?format=json","purl":"pkg:deb/debian/mutt@1.5.13-1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fu71-npm3-8bat"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.13-1.1"}],"aliases":["CVE-2006-5297"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8mtv-crbm-m7e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59550?format=json","vulnerability_id":"VCID-bbnw-jxah-rfbh","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14358","reference_id":"","reference_type":"","scores":[{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79504","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79705","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79656","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79677","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79696","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79692","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.7951","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79533","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79519","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79548","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79555","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79577","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.7956","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79552","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79582","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.7958","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79585","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79617","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79623","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01277","scoring_system":"epss","scoring_elements":"0.79639","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604064","reference_id":"1604064","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604064"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14358","reference_id":"CVE-2018-14358","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14358"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14358"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbnw-jxah-rfbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41613?format=json","vulnerability_id":"VCID-bqzg-b5zw-b3h6","summary":"Mutt contains a buffer overflow that could result in arbitrary code\n    execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3242.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3242.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3242","reference_id":"","reference_type":"","scores":[{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91777","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91786","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91792","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.918","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91813","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91819","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91823","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91825","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91821","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91841","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91835","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.9184","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91848","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91859","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91869","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91868","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07538","scoring_system":"epss","scoring_elements":"0.91875","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618137","reference_id":"1618137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618137"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375828","reference_id":"375828","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375828"},{"reference_url":"https://security.gentoo.org/glsa/200606-27","reference_id":"GLSA-200606-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200606-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0577","reference_id":"RHSA-2006:0577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571939?format=json","purl":"pkg:deb/debian/mutt@1.5.13-1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fu71-npm3-8bat"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.13-1.1"}],"aliases":["CVE-2006-3242"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqzg-b5zw-b3h6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59540?format=json","vulnerability_id":"VCID-ce8r-3je8-97bm","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14350","reference_id":"","reference_type":"","scores":[{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86682","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86848","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86805","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86824","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86841","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86837","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86731","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86741","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86754","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86751","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86744","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86758","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86764","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.8676","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86776","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86783","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03068","scoring_system":"epss","scoring_elements":"0.86784","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"http://www.securityfocus.com/bid/104931","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104931"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602922","reference_id":"1602922","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602922"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14350","reference_id":"CVE-2018-14350","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14350"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14350"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ce8r-3je8-97bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89555?format=json","vulnerability_id":"VCID-cmnb-dqq9-n3gt","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0078.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0078.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0078","reference_id":"","reference_type":"","scores":[{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90336","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90338","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.9035","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90354","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90367","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90382","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90376","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90391","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90388","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90403","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90402","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90398","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90411","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90428","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.9044","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90438","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90446","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0078"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617139","reference_id":"1617139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:050","reference_id":"RHSA-2004:050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:051","reference_id":"RHSA-2004:051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:051"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571938?format=json","purl":"pkg:deb/debian/mutt@1.5.9-2sarge2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-8mtv-crbm-m7e5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-bqzg-b5zw-b3h6"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fu71-npm3-8bat"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-yeqc-es13-3ffr"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.9-2sarge2"}],"aliases":["CVE-2004-0078"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmnb-dqq9-n3gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78093?format=json","vulnerability_id":"VCID-d15r-ncw4-hfdh","summary":"mutt: null pointer dereference","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4874","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23798","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23468","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23473","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23354","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23435","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23501","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23453","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23838","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23615","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23684","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23731","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23747","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23704","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2366","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23652","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23633","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23521","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2351","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563","reference_id":"1051563","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238240","reference_id":"2238240","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238240"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_id":"452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch","reference_id":"a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2290","reference_id":"RHSA-2024:2290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3058","reference_id":"RHSA-2024:3058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3058"},{"reference_url":"https://usn.ubuntu.com/6374-1/","reference_id":"USN-6374-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-1/"},{"reference_url":"https://usn.ubuntu.com/6374-2/","reference_id":"USN-6374-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2023-4874"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d15r-ncw4-hfdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59537?format=json","vulnerability_id":"VCID-eyfx-wdun-3fhq","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14349","reference_id":"","reference_type":"","scores":[{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75224","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75407","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75365","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75395","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.7542","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75399","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75227","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75236","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75279","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75289","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.7531","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75316","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75323","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75314","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75349","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75354","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75357","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602934","reference_id":"1602934","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602934"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14349","reference_id":"CVE-2018-14349","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14349"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14349"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyfx-wdun-3fhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88703?format=json","vulnerability_id":"VCID-fu71-npm3-8bat","summary":"Buffer overflow in mutt's gecos structure handling","references":[{"reference_url":"http://dev.mutt.org/trac/ticket/2885","reference_id":"","reference_type":"","scores":[],"url":"http://dev.mutt.org/trac/ticket/2885"},{"reference_url":"http://osvdb.org/34973","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/34973"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2683","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32766","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32802","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32623","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.3267","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32695","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32697","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32659","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32632","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32908","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32819","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32845","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33187","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3315","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33004","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32987","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32912","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.328","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32869","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2683"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683"},{"reference_url":"http://secunia.com/advisories/25408","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25408"},{"reference_url":"http://secunia.com/advisories/25515","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25515"},{"reference_url":"http://secunia.com/advisories/25529","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25529"},{"reference_url":"http://secunia.com/advisories/25546","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25546"},{"reference_url":"http://secunia.com/advisories/26415","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26415"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34441","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34441"},{"reference_url":"https://issues.rpath.com/browse/RPL-1391","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1391"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:113","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:113"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0386.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0386.html"},{"reference_url":"http://www.securityfocus.com/bid/24192","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/24192"},{"reference_url":"http://www.securitytracker.com/id?1018066","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018066"},{"reference_url":"http://www.trustix.org/errata/2007/0024/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0024/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=239890","reference_id":"239890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=239890"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116","reference_id":"426116","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2683","reference_id":"CVE-2007-2683","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2683"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt","reference_id":"CVE-2007-2683;OSVDB-34973","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt"},{"reference_url":"https://www.securityfocus.com/bid/24192/info","reference_id":"CVE-2007-2683;OSVDB-34973","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/24192/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0386","reference_id":"RHSA-2007:0386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0386"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571941?format=json","purl":"pkg:deb/debian/mutt@1.5.18-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6"}],"aliases":["CVE-2007-2683"],"risk_score":6.2,"exploitability":"2.0","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fu71-npm3-8bat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59549?format=json","vulnerability_id":"VCID-fyys-8z34-cufn","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14357","reference_id":"","reference_type":"","scores":[{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84812","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.85013","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84959","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84983","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.85002","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84998","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84827","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84845","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.8487","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84877","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84894","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84888","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.8491","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84908","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84933","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84942","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602915","reference_id":"1602915","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602915"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14357","reference_id":"CVE-2018-14357","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14357"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2526","reference_id":"RHSA-2018:2526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2526"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14357"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fyys-8z34-cufn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59552?format=json","vulnerability_id":"VCID-htz5-1fbu-5qfb","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14362","reference_id":"","reference_type":"","scores":[{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82086","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82302","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82245","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82266","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82289","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82285","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82098","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82119","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82115","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82142","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82149","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.8216","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82154","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82192","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82194","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82216","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82227","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01676","scoring_system":"epss","scoring_elements":"0.82229","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602079","reference_id":"1602079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602079"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14362","reference_id":"CVE-2018-14362","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14362"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2526","reference_id":"RHSA-2018:2526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2526"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14362"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-htz5-1fbu-5qfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59543?format=json","vulnerability_id":"VCID-j1v7-r585-eqeq","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14352","reference_id":"","reference_type":"","scores":[{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86793","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86964","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86919","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86938","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86955","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86951","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86804","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86823","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86817","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86836","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86845","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86858","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86866","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86872","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86895","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03127","scoring_system":"epss","scoring_elements":"0.86897","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604034","reference_id":"1604034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604034"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14352","reference_id":"CVE-2018-14352","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14352"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14352"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1v7-r585-eqeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56485?format=json","vulnerability_id":"VCID-k6ud-492m-yqdp","summary":"Multiple vulnerabilities have been found in Mutt and Neomutt, the\n    worst of which could result in an access restriction bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14154","reference_id":"","reference_type":"","scores":[{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.7179","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71809","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71782","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71821","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71832","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71857","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.7184","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71822","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71864","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71869","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71852","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71897","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71902","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.719","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.7189","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71924","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71956","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71921","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.7195","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848287","reference_id":"1848287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848287"},{"reference_url":"https://security.gentoo.org/glsa/202007-57","reference_id":"GLSA-202007-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-57"},{"reference_url":"https://usn.ubuntu.com/4401-1/","reference_id":"USN-4401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-14154"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k6ud-492m-yqdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59545?format=json","vulnerability_id":"VCID-nyyz-7jhc-4qd6","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14353","reference_id":"","reference_type":"","scores":[{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80872","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.8108","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.81023","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.81045","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.81067","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.81062","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.8088","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80903","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.809","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80928","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80953","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80939","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.8093","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80966","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80967","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80969","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.8099","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.80998","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01471","scoring_system":"epss","scoring_elements":"0.81009","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604040","reference_id":"1604040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1604040"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14353","reference_id":"CVE-2018-14353","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14353"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14353"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyyz-7jhc-4qd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89715?format=json","vulnerability_id":"VCID-p54u-k5vg-kqgs","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0140.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0140","reference_id":"","reference_type":"","scores":[{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.8429","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84303","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84323","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84346","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84369","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84362","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84358","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.8438","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84381","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84384","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.8441","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84419","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84423","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84443","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84469","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84485","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84484","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02182","scoring_system":"epss","scoring_elements":"0.84501","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616983","reference_id":"1616983","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:109","reference_id":"RHSA-2003:109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:111","reference_id":"RHSA-2003:111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:111"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571938?format=json","purl":"pkg:deb/debian/mutt@1.5.9-2sarge2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-8mtv-crbm-m7e5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-bqzg-b5zw-b3h6"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fu71-npm3-8bat"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-yeqc-es13-3ffr"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.9-2sarge2"}],"aliases":["CVE-2003-0140"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p54u-k5vg-kqgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38782?format=json","vulnerability_id":"VCID-rabc-wwt3-j3a3","summary":"A vulnerability in Mutt could allow remote attackers to execute\n    arbitrary code or cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0467","reference_id":"","reference_type":"","scores":[{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82806","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82819","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82815","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.8284","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82862","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82857","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82853","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82892","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82894","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82915","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82925","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82929","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.8295","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.8297","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.82991","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01816","scoring_system":"epss","scoring_elements":"0.83005","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1075860","reference_id":"1075860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1075860"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731","reference_id":"708731","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731"},{"reference_url":"https://security.gentoo.org/glsa/201406-05","reference_id":"GLSA-201406-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0304","reference_id":"RHSA-2014:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0304"},{"reference_url":"https://usn.ubuntu.com/2147-1/","reference_id":"USN-2147-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2147-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571944?format=json","purl":"pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037128?format=json","purl":"pkg:deb/debian/mutt@1.5.23-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3"}],"aliases":["CVE-2014-0467"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rabc-wwt3-j3a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56484?format=json","vulnerability_id":"VCID-rhbd-qbus-ruhc","summary":"Multiple vulnerabilities have been found in Mutt and Neomutt, the\n    worst of which could result in an access restriction bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14093","reference_id":"","reference_type":"","scores":[{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88158","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88166","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88182","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88189","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88208","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88225","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88217","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.8823","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88229","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88248","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88253","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88256","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88283","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88296","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88294","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03861","scoring_system":"epss","scoring_elements":"0.88307","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848360","reference_id":"1848360","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848360"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897","reference_id":"962897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897"},{"reference_url":"https://security.gentoo.org/glsa/202007-57","reference_id":"GLSA-202007-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-57"},{"reference_url":"https://usn.ubuntu.com/4401-1/","reference_id":"USN-4401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-14093"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhbd-qbus-ruhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78094?format=json","vulnerability_id":"VCID-s7jp-h1gx-f3db","summary":"mutt: null pointer dereference","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4875","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07339","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07091","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07105","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0726","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07342","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07323","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0707","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07045","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07099","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07131","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07129","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07118","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07109","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07028","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0716","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07125","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563","reference_id":"1051563","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238241","reference_id":"2238241","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238241"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_id":"452ee330e094bfc7c9a68555e5152b1826534555.patch","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch"},{"reference_url":"https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch","reference_id":"4cc3128abdf52c615911589394a03271fddeefc6.patch","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/"}],"url":"https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2290","reference_id":"RHSA-2024:2290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3058","reference_id":"RHSA-2024:3058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3058"},{"reference_url":"https://usn.ubuntu.com/6374-1/","reference_id":"USN-6374-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-1/"},{"reference_url":"https://usn.ubuntu.com/6374-2/","reference_id":"USN-6374-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6374-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2023-4875"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7jp-h1gx-f3db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79523?format=json","vulnerability_id":"VCID-sdgd-qstu-pudm","summary":"mutt: buffer overflow in uudecoder function","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1328","reference_id":"","reference_type":"","scores":[{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44268","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.4434","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44362","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44299","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44351","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44356","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44374","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44342","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44341","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44397","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44388","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50561","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50616","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5057","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50494","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50548","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50577","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50531","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734","reference_id":"1009734","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735","reference_id":"1009735","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2076058","reference_id":"2076058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2076058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7640","reference_id":"RHSA-2022:7640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8219","reference_id":"RHSA-2022:8219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8219"},{"reference_url":"https://usn.ubuntu.com/5392-1/","reference_id":"USN-5392-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5392-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2022-1328"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdgd-qstu-pudm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88149?format=json","vulnerability_id":"VCID-smyk-kg69-27ct","summary":"Mutt 1.5.19 SSL chain verification flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1390","reference_id":"","reference_type":"","scores":[{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.6282","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62878","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62908","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62922","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62957","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62946","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62924","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62964","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62971","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62951","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62985","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62986","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62941","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62987","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.6304","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62999","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63027","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=504979","reference_id":"504979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=504979"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571942?format=json","purl":"pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3"}],"aliases":["CVE-2009-1390"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smyk-kg69-27ct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73745?format=json","vulnerability_id":"VCID-ssk5-y54s-53gk","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14363","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44379","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44409","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44346","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44623","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44644","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44582","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44636","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44624","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44678","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4467","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44601","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44515","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44518","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44314","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44391","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14363"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14363","reference_id":"CVE-2018-14363","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14363"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14363"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ssk5-y54s-53gk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43087?format=json","vulnerability_id":"VCID-t7kq-u427-mbd7","summary":"A vulnerability in Mutt could lead to a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3181","reference_id":"","reference_type":"","scores":[{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86497","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.8666","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86652","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86648","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86507","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86525","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86524","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86544","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86554","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86569","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86565","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86573","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86578","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.8657","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86588","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86597","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86596","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86617","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02997","scoring_system":"epss","scoring_elements":"0.86636","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1920446","reference_id":"1920446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1920446"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326","reference_id":"980326","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326"},{"reference_url":"https://security.archlinux.org/ASA-202101-43","reference_id":"ASA-202101-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-43"},{"reference_url":"https://security.archlinux.org/AVG-1476","reference_id":"AVG-1476","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1476"},{"reference_url":"https://security.gentoo.org/glsa/202101-25","reference_id":"GLSA-202101-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4181","reference_id":"RHSA-2021:4181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4181"},{"reference_url":"https://usn.ubuntu.com/4703-1/","reference_id":"USN-4703-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4703-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2021-3181"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t7kq-u427-mbd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59541?format=json","vulnerability_id":"VCID-u7cd-qnpy-y3az","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14351","reference_id":"","reference_type":"","scores":[{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75224","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75407","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75365","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75395","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.7542","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75399","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75227","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75236","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75279","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75289","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.7531","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75316","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75323","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75314","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75349","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75354","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75357","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602953","reference_id":"1602953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602953"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14351","reference_id":"CVE-2018-14351","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14351"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14351"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7cd-qnpy-y3az"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59546?format=json","vulnerability_id":"VCID-u8at-7vh4-f7fe","summary":"Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n    worst of which allows for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14354","reference_id":"","reference_type":"","scores":[{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84812","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.85013","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84959","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84983","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.85002","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84998","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84827","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84845","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.8487","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84877","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84894","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84888","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.8491","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84908","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84933","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02348","scoring_system":"epss","scoring_elements":"0.84942","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb"},{"reference_url":"https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html"},{"reference_url":"https://neomutt.org/2018/07/16/release","reference_id":"","reference_type":"","scores":[],"url":"https://neomutt.org/2018/07/16/release"},{"reference_url":"https://www.debian.org/security/2018/dsa-4277","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4277"},{"reference_url":"http://www.mutt.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mutt.org/news.html"},{"reference_url":"http://www.securityfocus.com/bid/104925","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104925"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602069","reference_id":"1602069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021","reference_id":"904021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051","reference_id":"904051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051"},{"reference_url":"https://security.archlinux.org/AVG-740","reference_id":"AVG-740","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-740"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14354","reference_id":"CVE-2018-14354","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14354"},{"reference_url":"https://security.gentoo.org/glsa/201810-07","reference_id":"GLSA-201810-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2526","reference_id":"RHSA-2018:2526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2526"},{"reference_url":"https://usn.ubuntu.com/3719-1/","reference_id":"USN-3719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-1/"},{"reference_url":"https://usn.ubuntu.com/3719-2/","reference_id":"USN-3719-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-2/"},{"reference_url":"https://usn.ubuntu.com/3719-3/","reference_id":"USN-3719-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3719-3/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"}],"aliases":["CVE-2018-14354"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8at-7vh4-f7fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87467?format=json","vulnerability_id":"VCID-uh2u-tyhx-jqey","summary":"mutt: SSL host name check may be skipped when verifying certificate chain","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1429","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47681","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47701","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47758","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47708","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47762","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47783","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.4776","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.4777","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47825","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47817","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47769","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47752","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47707","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47624","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47687","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47709","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47652","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1429"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429"},{"reference_url":"http://seclists.org/fulldisclosure/2011/Mar/87","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2011/Mar/87"},{"reference_url":"http://secunia.com/advisories/44937","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44937"},{"reference_url":"http://securityreason.com/securityalert/8143","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/8143"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66015","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66015"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0959.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0959.html"},{"reference_url":"http://www.securityfocus.com/bid/46803","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/46803"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216","reference_id":"619216","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=688755","reference_id":"688755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=688755"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1429","reference_id":"CVE-2011-1429","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0959","reference_id":"RHSA-2011:0959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0959"},{"reference_url":"https://usn.ubuntu.com/1221-1/","reference_id":"USN-1221-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1221-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571944?format=json","purl":"pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3"}],"aliases":["CVE-2011-1429"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uh2u-tyhx-jqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60755?format=json","vulnerability_id":"VCID-ukjn-pbdj-u3e3","summary":"Multiple vulnerabilities have been reported in Mozilla Firefox,\n    Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted\n    arbitrary remote code execution.","references":[{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"},{"reference_url":"http://balsa.gnome.org/download.html","reference_id":"","reference_type":"","scores":[],"url":"http://balsa.gnome.org/download.html"},{"reference_url":"http://docs.info.apple.com/article.html?artnum=305530","reference_id":"","reference_type":"","scores":[],"url":"http://docs.info.apple.com/article.html?artnum=305530"},{"reference_url":"http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt","reference_id":"","reference_type":"","scores":[],"url":"http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"},{"reference_url":"http://lists.apple.com/archives/security-announce/2007/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"},{"reference_url":"http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1558","reference_id":"","reference_type":"","scores":[{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94258","published_at":"2026-05-12T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94154","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94246","published_at":"2026-05-09T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94251","published_at":"2026-05-11T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94163","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94175","published_at":"2026-04-04T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94177","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94187","published_at":"2026-04-08T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94191","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94195","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94211","published_at":"2026-04-16T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94216","published_at":"2026-04-21T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94219","published_at":"2026-04-29T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94223","published_at":"2026-05-05T12:55:00Z"},{"value":"0.1342","scoring_system":"epss","scoring_elements":"0.94234","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1558"},{"reference_url":"http://secunia.com/advisories/25353","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25353"},{"reference_url":"http://secunia.com/advisories/25402","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25402"},{"reference_url":"http://secunia.com/advisories/25476","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25476"},{"reference_url":"http://secunia.com/advisories/25496","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25496"},{"reference_url":"http://secunia.com/advisories/25529","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25529"},{"reference_url":"http://secunia.com/advisories/25534","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25534"},{"reference_url":"http://secunia.com/advisories/25546","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25546"},{"reference_url":"http://secunia.com/advisories/25559","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25559"},{"reference_url":"http://secunia.com/advisories/25664","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25664"},{"reference_url":"http://secunia.com/advisories/25750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25750"},{"reference_url":"http://secunia.com/advisories/25798","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25798"},{"reference_url":"http://secunia.com/advisories/25858","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25858"},{"reference_url":"http://secunia.com/advisories/25894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25894"},{"reference_url":"http://secunia.com/advisories/26083","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26083"},{"reference_url":"http://secunia.com/advisories/26415","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26415"},{"reference_url":"http://secunia.com/advisories/35699","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35699"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200706-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200706-06.xml"},{"reference_url":"https://issues.rpath.com/browse/RPL-1231","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1231"},{"reference_url":"https://issues.rpath.com/browse/RPL-1232","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1232"},{"reference_url":"https://issues.rpath.com/browse/RPL-1424","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1424"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857"},{"reference_url":"http://sourceforge.net/forum/forum.php?forum_id=683706","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/forum/forum.php?forum_id=683706"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782"},{"reference_url":"http://sylpheed.sraoss.jp/en/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://sylpheed.sraoss.jp/en/news.html"},{"reference_url":"http://www.claws-mail.org/news.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.claws-mail.org/news.php"},{"reference_url":"http://www.debian.org/security/2007/dsa-1300","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1300"},{"reference_url":"http://www.debian.org/security/2007/dsa-1305","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1305"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:105","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:105"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:107","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:107"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:113","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:113"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:119","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:119"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:131","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:131"},{"reference_url":"http://www.mozilla.org/security/announce/2007/mfsa2007-15.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2007/mfsa2007-15.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_14_sr.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_14_sr.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_36_mozilla.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/08/15/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2009/08/15/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/08/18/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2009/08/18/1"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0344.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0344.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0353.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0353.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0385.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0385.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0386.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0386.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0401.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0401.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0402.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0402.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1140.html"},{"reference_url":"http://www.securityfocus.com/archive/1/464477/30/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464477/30/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/464569/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464569/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/470172/100/200/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/470172/100/200/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/471455/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/471455/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/471720/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/471720/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/471842/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/471842/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/23257","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/23257"},{"reference_url":"http://www.securitytracker.com/id?1018008","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018008"},{"reference_url":"http://www.trustix.org/errata/2007/0019/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0019/"},{"reference_url":"http://www.trustix.org/errata/2007/0024/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0024/"},{"reference_url":"http://www.ubuntu.com/usn/usn-469-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-469-1"},{"reference_url":"http://www.ubuntu.com/usn/usn-520-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-520-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA07-151A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA07-151A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1466","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1466"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1467","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1467"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1468","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1468"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1480","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1480"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1939","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1939"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1994","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1994"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2788","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2788"},{"reference_url":"http://www.vupen.com/english/advisories/2008/0082","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/0082"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=241191","reference_id":"241191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=241191"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558","reference_id":"CVE-2007-1558","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1558","reference_id":"CVE-2007-1558","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1558"},{"reference_url":"https://security.gentoo.org/glsa/200706-06","reference_id":"GLSA-200706-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200706-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-15","reference_id":"mfsa2007-15","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0344","reference_id":"RHSA-2007:0344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0353","reference_id":"RHSA-2007:0353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0385","reference_id":"RHSA-2007:0385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0386","reference_id":"RHSA-2007:0386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0401","reference_id":"RHSA-2007:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0402","reference_id":"RHSA-2007:0402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1140","reference_id":"RHSA-2009:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1140"},{"reference_url":"https://usn.ubuntu.com/469-1/","reference_id":"USN-469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/469-1/"},{"reference_url":"https://usn.ubuntu.com/520-1/","reference_id":"USN-520-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/520-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571941?format=json","purl":"pkg:deb/debian/mutt@1.5.18-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6"}],"aliases":["CVE-2007-1558"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ukjn-pbdj-u3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90386?format=json","vulnerability_id":"VCID-yeqc-es13-3ffr","summary":"The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and safe_fopen function calls.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5298.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5298.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5298","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18745","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18881","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18934","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18657","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18736","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1879","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18795","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18748","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18698","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18647","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18658","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18677","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18569","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18547","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18507","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18379","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18464","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18565","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18527","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18559","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5298"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104","reference_id":"396104","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104"},{"reference_url":"https://usn.ubuntu.com/373-1/","reference_id":"USN-373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571939?format=json","purl":"pkg:deb/debian/mutt@1.5.13-1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fu71-npm3-8bat"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-smyk-kg69-27ct"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-ukjn-pbdj-u3e3"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"},{"vulnerability":"VCID-zecc-x23b-akcf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.13-1.1"}],"aliases":["CVE-2006-5298"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yeqc-es13-3ffr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56486?format=json","vulnerability_id":"VCID-yvgu-yg5k-z3ff","summary":"Multiple vulnerabilities have been found in Mutt and Neomutt, the\n    worst of which could result in an access restriction bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14954","reference_id":"","reference_type":"","scores":[{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90453","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90457","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90469","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90474","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90487","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90493","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.905","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90511","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.9051","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90522","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90521","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90518","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.9053","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90547","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90559","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90556","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05784","scoring_system":"epss","scoring_elements":"0.90565","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850170","reference_id":"1850170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850170"},{"reference_url":"https://security.gentoo.org/glsa/202007-57","reference_id":"GLSA-202007-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-57"},{"reference_url":"https://usn.ubuntu.com/4403-1/","reference_id":"USN-4403-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4403-1/"},{"reference_url":"https://usn.ubuntu.com/7204-1/","reference_id":"USN-7204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7204-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037129?format=json","purl":"pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037900?format=json","purl":"pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049080?format=json","purl":"pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3"}],"aliases":["CVE-2020-14954"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yvgu-yg5k-z3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89079?format=json","vulnerability_id":"VCID-zecc-x23b-akcf","summary":"mutt: denial of service via a series of requests to temporary files","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2351","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32733","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32236","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32307","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32214","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32864","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32899","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32719","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32794","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32795","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32758","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32732","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32773","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32749","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3272","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32568","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32452","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32369","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32232","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32296","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2351"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2005-2351","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2005-2351"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1768449","reference_id":"1768449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1768449"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2351","reference_id":"CVE-2005-2351","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2351"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571942?format=json","purl":"pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jga-eah6-6bhb"},{"vulnerability":"VCID-45b7-9f4d-ryac"},{"vulnerability":"VCID-4hym-sx7t-qbh1"},{"vulnerability":"VCID-4zbn-7d8g-5bgx"},{"vulnerability":"VCID-4zs7-nyzq-zydh"},{"vulnerability":"VCID-5dxq-th2e-eke5"},{"vulnerability":"VCID-7f9n-6yxm-zuhu"},{"vulnerability":"VCID-86dz-udh7-7kd5"},{"vulnerability":"VCID-bbnw-jxah-rfbh"},{"vulnerability":"VCID-ce8r-3je8-97bm"},{"vulnerability":"VCID-d15r-ncw4-hfdh"},{"vulnerability":"VCID-eyfx-wdun-3fhq"},{"vulnerability":"VCID-fyys-8z34-cufn"},{"vulnerability":"VCID-htz5-1fbu-5qfb"},{"vulnerability":"VCID-j1v7-r585-eqeq"},{"vulnerability":"VCID-k6ud-492m-yqdp"},{"vulnerability":"VCID-nyyz-7jhc-4qd6"},{"vulnerability":"VCID-rabc-wwt3-j3a3"},{"vulnerability":"VCID-rhbd-qbus-ruhc"},{"vulnerability":"VCID-s7jp-h1gx-f3db"},{"vulnerability":"VCID-sdgd-qstu-pudm"},{"vulnerability":"VCID-ssk5-y54s-53gk"},{"vulnerability":"VCID-t7kq-u427-mbd7"},{"vulnerability":"VCID-u7cd-qnpy-y3az"},{"vulnerability":"VCID-u8at-7vh4-f7fe"},{"vulnerability":"VCID-uh2u-tyhx-jqey"},{"vulnerability":"VCID-yvgu-yg5k-z3ff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3"}],"aliases":["CVE-2005-2351"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zecc-x23b-akcf"}],"fixing_vulnerabilities":[],"risk_score":"6.2","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@0.95.3-0.2"}