Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/571940?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/571940?format=api", "purl": "pkg:deb/debian/mutt@1.5.13-1.1etch1", "type": "deb", "namespace": "debian", "name": "mutt", "version": "1.5.13-1.1etch1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.0.5-4.1+deb11u3", "latest_non_vulnerable_version": "2.0.5-4.1+deb11u3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73744?format=api", "vulnerability_id": "VCID-2jga-eah6-6bhb", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58984", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58933", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58927", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58814", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58889", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58911", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58878", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5893", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58936", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58954", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58937", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58918", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58952", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58956", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58934", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58917", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14361", "reference_id": "CVE-2018-14361", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14361" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14361" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jga-eah6-6bhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51878?format=api", "vulnerability_id": "VCID-45b7-9f4d-ryac", "summary": "A heap-based buffer overflow in Mutt might allow remote attackers\n to cause a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0509.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0509.html" }, { "reference_url": "http://dev.mutt.org/trac/ticket/3716", "reference_id": "", "reference_type": "", "scores": [], "url": "http://dev.mutt.org/trac/ticket/3716" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87718", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87578", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87587", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.876", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87623", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87629", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.8764", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87636", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87633", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87648", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87646", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87663", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.8767", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87668", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.87684", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03515", "scoring_system": "epss", "scoring_elements": "0.877", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9116" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3083", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3083" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:245", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:245" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:078", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:078" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/11/27/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/11/27/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/11/27/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/11/27/9" }, { "reference_url": "http://www.securityfocus.com/bid/71334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71334" }, { "reference_url": "http://www.securitytracker.com/id/1031266", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031266" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168463", "reference_id": "1168463", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168463" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.5.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:1.5.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.5.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9116", "reference_id": "CVE-2014-9116", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9116" }, { "reference_url": "https://security.gentoo.org/glsa/201701-04", "reference_id": "GLSA-201701-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-04" }, { "reference_url": "https://usn.ubuntu.com/2440-1/", "reference_id": "USN-2440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571944?format=api", "purl": "pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-45b7-9f4d-ryac" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rabc-wwt3-j3a3" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037128?format=api", "purl": "pkg:deb/debian/mutt@1.5.23-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3" } ], "aliases": [ "CVE-2014-9116" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-45b7-9f4d-ryac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59547?format=api", "vulnerability_id": "VCID-4hym-sx7t-qbh1", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73054", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73241", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.732", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73199", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73193", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.7322", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73063", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73084", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73058", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73095", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73108", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73133", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73112", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73149", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73159", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73151", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73187", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602081", "reference_id": "1602081", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602081" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14355", "reference_id": "CVE-2018-14355", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14355" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1126", "reference_id": "RHSA-2020:1126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1126" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14355" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hym-sx7t-qbh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73743?format=api", "vulnerability_id": "VCID-4zbn-7d8g-5bgx", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.5273", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52633", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52686", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52641", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52712", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52727", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52722", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52772", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52755", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52739", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52777", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52785", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52768", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52718", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52728", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52689", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14360", "reference_id": "CVE-2018-14360", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14360" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14360" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zbn-7d8g-5bgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59548?format=api", "vulnerability_id": "VCID-4zs7-nyzq-zydh", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75224", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.7542", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75354", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75357", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75365", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75395", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75236", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.7531", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75288", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75316", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75323", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75314", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75349", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604047", "reference_id": "1604047", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604047" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14356", "reference_id": "CVE-2018-14356", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14356" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14356" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zs7-nyzq-zydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61880?format=api", "vulnerability_id": "VCID-5dxq-th2e-eke5", "summary": "A vulnerability in Mutt and NeoMutt could lead to a Denial of\n Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32055", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58599", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58762", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58692", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58659", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58704", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58682", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.5867", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58728", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58747", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58708", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58746", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58724", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58693", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58707", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32055" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957451", "reference_id": "1957451", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957451" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106", "reference_id": "988106", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107", "reference_id": "988107", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107" }, { "reference_url": "https://security.archlinux.org/AVG-1922", "reference_id": "AVG-1922", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1922" }, { "reference_url": "https://security.archlinux.org/AVG-1923", "reference_id": "AVG-1923", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1923" }, { "reference_url": "https://security.gentoo.org/glsa/202105-05", "reference_id": "GLSA-202105-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-05" }, { "reference_url": "https://usn.ubuntu.com/5392-1/", "reference_id": "USN-5392-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5392-1/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2021-32055" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dxq-th2e-eke5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59551?format=api", "vulnerability_id": "VCID-7f9n-6yxm-zuhu", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88049", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.8818", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88141", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.8814", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88152", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88166", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88078", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88097", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88103", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88113", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88105", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88119", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88117", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03811", "scoring_system": "epss", "scoring_elements": "0.88135", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604084", "reference_id": "1604084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604084" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14359", "reference_id": "CVE-2018-14359", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14359" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14359" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7f9n-6yxm-zuhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50770?format=api", "vulnerability_id": "VCID-86dz-udh7-7kd5", "summary": "A weakness was discovered in Mutt and NeoMutt's TLS handshake\n handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26415", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26422", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2629", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26359", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2676", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26801", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26585", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26703", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26663", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26613", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26546", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26488", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26481", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900826", "reference_id": "1900826", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900826" }, { "reference_url": "https://security.archlinux.org/ASA-202011-24", "reference_id": "ASA-202011-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-24" }, { "reference_url": "https://security.archlinux.org/ASA-202011-25", "reference_id": "ASA-202011-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-25" }, { "reference_url": "https://security.archlinux.org/AVG-1288", "reference_id": "AVG-1288", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1288" }, { "reference_url": "https://security.archlinux.org/AVG-1289", "reference_id": "AVG-1289", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1289" }, { "reference_url": "https://security.gentoo.org/glsa/202101-32", "reference_id": "GLSA-202101-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4181", "reference_id": "RHSA-2021:4181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4181" }, { "reference_url": "https://usn.ubuntu.com/4645-1/", "reference_id": "USN-4645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4645-1/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28896" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86dz-udh7-7kd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59550?format=api", "vulnerability_id": "VCID-bbnw-jxah-rfbh", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79504", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79696", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79623", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79639", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79656", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79677", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.7951", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79533", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79519", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79548", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79555", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79577", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.7956", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79552", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79582", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.7958", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79585", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01277", "scoring_system": "epss", "scoring_elements": "0.79617", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604064", "reference_id": "1604064", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604064" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14358", "reference_id": "CVE-2018-14358", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14358" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14358" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbnw-jxah-rfbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59540?format=api", "vulnerability_id": "VCID-ce8r-3je8-97bm", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86682", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86841", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86783", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86784", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86805", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86824", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86693", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86712", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86731", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86741", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86754", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86744", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86764", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.8676", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03068", "scoring_system": "epss", "scoring_elements": "0.86776", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "http://www.securityfocus.com/bid/104931", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602922", "reference_id": "1602922", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14350", "reference_id": "CVE-2018-14350", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14350" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14350" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ce8r-3je8-97bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78093?format=api", "vulnerability_id": "VCID-d15r-ncw4-hfdh", "summary": "mutt: null pointer dereference", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23798", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23501", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23521", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2351", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23473", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23354", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23435", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23838", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23615", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23684", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23731", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23747", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23704", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23648", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2366", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23652", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23633", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563", "reference_id": "1051563", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238240", "reference_id": "2238240", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238240" }, { "reference_url": "https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch", "reference_id": "452ee330e094bfc7c9a68555e5152b1826534555.patch", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/" } ], "url": "https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch" }, { "reference_url": "https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch", "reference_id": "a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/" } ], "url": "https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2290", "reference_id": "RHSA-2024:2290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3058", "reference_id": "RHSA-2024:3058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3058" }, { "reference_url": "https://usn.ubuntu.com/6374-1/", "reference_id": "USN-6374-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6374-1/" }, { "reference_url": "https://usn.ubuntu.com/6374-2/", "reference_id": "USN-6374-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6374-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2023-4874" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d15r-ncw4-hfdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59537?format=api", "vulnerability_id": "VCID-eyfx-wdun-3fhq", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75224", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.7542", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75354", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75357", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75365", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75395", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75236", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.7531", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75288", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75316", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75323", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75314", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75349", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602934", "reference_id": "1602934", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602934" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14349", "reference_id": "CVE-2018-14349", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14349" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14349" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyfx-wdun-3fhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88703?format=api", "vulnerability_id": "VCID-fu71-npm3-8bat", "summary": "Buffer overflow in mutt's gecos structure handling", "references": [ { "reference_url": "http://dev.mutt.org/trac/ticket/2885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://dev.mutt.org/trac/ticket/2885" }, { "reference_url": "http://osvdb.org/34973", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/34973" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2683", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32632", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32766", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32623", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.3267", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32695", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32697", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32659", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32869", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33187", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32908", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3315", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33004", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32987", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32912", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.328", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2683" }, { "reference_url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683" }, { "reference_url": "http://secunia.com/advisories/25408", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25408" }, { "reference_url": "http://secunia.com/advisories/25515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25515" }, { "reference_url": "http://secunia.com/advisories/25529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25529" }, { "reference_url": "http://secunia.com/advisories/25546", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25546" }, { "reference_url": "http://secunia.com/advisories/26415", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26415" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34441" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1391" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html" }, { "reference_url": "http://www.securityfocus.com/bid/24192", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/24192" }, { "reference_url": "http://www.securitytracker.com/id?1018066", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018066" }, { "reference_url": "http://www.trustix.org/errata/2007/0024/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0024/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=239890", "reference_id": "239890", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=239890" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116", "reference_id": "426116", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2683", "reference_id": "CVE-2007-2683", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2683" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt", "reference_id": "CVE-2007-2683;OSVDB-34973", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt" }, { "reference_url": "https://www.securityfocus.com/bid/24192/info", "reference_id": "CVE-2007-2683;OSVDB-34973", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/24192/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0386", "reference_id": "RHSA-2007:0386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0386" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571941?format=api", "purl": "pkg:deb/debian/mutt@1.5.18-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-45b7-9f4d-ryac" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rabc-wwt3-j3a3" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-smyk-kg69-27ct" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-uh2u-tyhx-jqey" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" }, { "vulnerability": "VCID-zecc-x23b-akcf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6" } ], "aliases": [ "CVE-2007-2683" ], "risk_score": 6.2, "exploitability": "2.0", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fu71-npm3-8bat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59549?format=api", "vulnerability_id": "VCID-fyys-8z34-cufn", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84812", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.85002", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84933", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84942", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84959", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84983", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84827", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84847", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.8487", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84877", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84895", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84888", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.8491", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84908", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602915", "reference_id": "1602915", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602915" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14357", "reference_id": "CVE-2018-14357", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14357" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2526", "reference_id": "RHSA-2018:2526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2526" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14357" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fyys-8z34-cufn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59552?format=api", "vulnerability_id": "VCID-htz5-1fbu-5qfb", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82086", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82289", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82227", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82229", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82245", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82266", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82119", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82115", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82142", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82149", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82168", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.8216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82192", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82194", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01676", "scoring_system": "epss", "scoring_elements": "0.82216", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602079", "reference_id": "1602079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602079" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14362", "reference_id": "CVE-2018-14362", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14362" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2526", "reference_id": "RHSA-2018:2526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2526" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14362" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htz5-1fbu-5qfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59543?format=api", "vulnerability_id": "VCID-j1v7-r585-eqeq", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86793", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86955", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86895", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86897", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86919", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86938", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86804", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86823", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86817", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86836", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86845", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86858", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86849", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86866", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86871", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86872", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03127", "scoring_system": "epss", "scoring_elements": "0.86889", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604034", "reference_id": "1604034", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604034" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14352", "reference_id": "CVE-2018-14352", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14352" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14352" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1v7-r585-eqeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56485?format=api", "vulnerability_id": "VCID-k6ud-492m-yqdp", "summary": "Multiple vulnerabilities have been found in Mutt and Neomutt, the\n worst of which could result in an access restriction bypass.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71783", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.7179", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71809", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71782", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71821", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71832", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.7184", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71822", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71869", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71852", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71897", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71902", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.719", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.7189", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71924", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71956", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848287", "reference_id": "1848287", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848287" }, { "reference_url": "https://security.gentoo.org/glsa/202007-57", "reference_id": "GLSA-202007-57", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-57" }, { "reference_url": "https://usn.ubuntu.com/4401-1/", "reference_id": "USN-4401-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4401-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2020-14154" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6ud-492m-yqdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59545?format=api", "vulnerability_id": "VCID-nyyz-7jhc-4qd6", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80872", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.81067", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80998", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.81009", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.81023", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.81045", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.8088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80903", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80928", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80937", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80953", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.8093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80966", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80967", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.80969", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01471", "scoring_system": "epss", "scoring_elements": "0.8099", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604040", "reference_id": "1604040", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1604040" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14353", "reference_id": "CVE-2018-14353", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14353" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14353" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nyyz-7jhc-4qd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38782?format=api", "vulnerability_id": "VCID-rabc-wwt3-j3a3", "summary": "A vulnerability in Mutt could allow remote attackers to execute\n arbitrary code or cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.8279", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82806", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82815", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.8284", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82846", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82857", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82892", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82915", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82925", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82929", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.8295", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.8297", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01816", "scoring_system": "epss", "scoring_elements": "0.82991", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075860", "reference_id": "1075860", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075860" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731", "reference_id": "708731", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731" }, { "reference_url": "https://security.gentoo.org/glsa/201406-05", "reference_id": "GLSA-201406-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0304", "reference_id": "RHSA-2014:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0304" }, { "reference_url": "https://usn.ubuntu.com/2147-1/", "reference_id": "USN-2147-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2147-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571944?format=api", "purl": "pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-45b7-9f4d-ryac" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rabc-wwt3-j3a3" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037128?format=api", "purl": "pkg:deb/debian/mutt@1.5.23-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3" } ], "aliases": [ "CVE-2014-0467" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rabc-wwt3-j3a3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56484?format=api", "vulnerability_id": "VCID-rhbd-qbus-ruhc", "summary": "Multiple vulnerabilities have been found in Mutt and Neomutt, the\n worst of which could result in an access restriction bypass.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14093", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88158", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88166", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88182", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88225", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88217", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.8823", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88229", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88248", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88253", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88256", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88268", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88283", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03861", "scoring_system": "epss", "scoring_elements": "0.88296", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848360", "reference_id": "1848360", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848360" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897", "reference_id": "962897", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897" }, { "reference_url": "https://security.gentoo.org/glsa/202007-57", "reference_id": "GLSA-202007-57", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-57" }, { "reference_url": "https://usn.ubuntu.com/4401-1/", "reference_id": "USN-4401-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4401-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2020-14093" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rhbd-qbus-ruhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78094?format=api", "vulnerability_id": "VCID-s7jp-h1gx-f3db", "summary": "mutt: null pointer dereference", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4875", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07342", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0716", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07125", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07091", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07105", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0726", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07045", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07099", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07131", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07129", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07118", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07109", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07028", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563", "reference_id": "1051563", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238241", "reference_id": "2238241", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238241" }, { "reference_url": "https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch", "reference_id": "452ee330e094bfc7c9a68555e5152b1826534555.patch", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/" } ], "url": "https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch" }, { "reference_url": "https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch", "reference_id": "4cc3128abdf52c615911589394a03271fddeefc6.patch", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/" } ], "url": "https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2290", "reference_id": "RHSA-2024:2290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3058", "reference_id": "RHSA-2024:3058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3058" }, { "reference_url": "https://usn.ubuntu.com/6374-1/", "reference_id": "USN-6374-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6374-1/" }, { "reference_url": "https://usn.ubuntu.com/6374-2/", "reference_id": "USN-6374-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6374-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2023-4875" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7jp-h1gx-f3db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79523?format=api", "vulnerability_id": "VCID-sdgd-qstu-pudm", "summary": "mutt: buffer overflow in uudecoder function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1328", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44268", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.4434", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44362", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44299", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44351", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44374", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44342", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44341", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44397", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44388", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50548", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50661", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50609", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50616", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.5057", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50494", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50577", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1328" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734", "reference_id": "1009734", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735", "reference_id": "1009735", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076058", "reference_id": "2076058", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7640", "reference_id": "RHSA-2022:7640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8219", "reference_id": "RHSA-2022:8219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8219" }, { "reference_url": "https://usn.ubuntu.com/5392-1/", "reference_id": "USN-5392-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5392-1/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2022-1328" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdgd-qstu-pudm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88149?format=api", "vulnerability_id": "VCID-smyk-kg69-27ct", "summary": "Mutt 1.5.19 SSL chain verification flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1390", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.6282", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62878", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62871", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62946", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62924", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62964", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62971", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62951", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62985", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62986", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62941", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62987", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.6304", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=504979", "reference_id": "504979", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504979" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571942?format=api", "purl": "pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-45b7-9f4d-ryac" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rabc-wwt3-j3a3" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-uh2u-tyhx-jqey" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1390" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-smyk-kg69-27ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73745?format=api", "vulnerability_id": "VCID-ssk5-y54s-53gk", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44409", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44314", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44391", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44544", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44644", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44582", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44633", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44636", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.4467", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44601", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44515", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44518", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44437", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14363", "reference_id": "CVE-2018-14363", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14363" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14363" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssk5-y54s-53gk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43087?format=api", "vulnerability_id": "VCID-t7kq-u427-mbd7", "summary": "A vulnerability in Mutt could lead to a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86497", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86652", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86617", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86636", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86525", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86524", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86544", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86554", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86569", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86565", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86558", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86573", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86578", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.8657", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86588", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86597", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02997", "scoring_system": "epss", "scoring_elements": "0.86596", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1920446", "reference_id": "1920446", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1920446" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326", "reference_id": "980326", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326" }, { "reference_url": "https://security.archlinux.org/ASA-202101-43", "reference_id": "ASA-202101-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-43" }, { "reference_url": "https://security.archlinux.org/AVG-1476", "reference_id": "AVG-1476", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1476" }, { "reference_url": "https://security.gentoo.org/glsa/202101-25", "reference_id": "GLSA-202101-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4181", "reference_id": "RHSA-2021:4181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4181" }, { "reference_url": "https://usn.ubuntu.com/4703-1/", "reference_id": "USN-4703-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4703-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3181" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7kq-u427-mbd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59541?format=api", "vulnerability_id": "VCID-u7cd-qnpy-y3az", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75224", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.7542", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75354", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75357", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75365", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75395", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75236", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.7531", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75288", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75316", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75323", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75314", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75349", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602953", "reference_id": "1602953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602953" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14351", "reference_id": "CVE-2018-14351", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14351" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14351" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7cd-qnpy-y3az" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59546?format=api", "vulnerability_id": "VCID-u8at-7vh4-f7fe", "summary": "Multiple vulnerabilities have been found in Mutt and NeoMutt, the\n worst of which allows for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84812", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.85002", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84933", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84942", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84959", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84983", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84827", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84847", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.8487", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84877", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84895", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84888", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.8491", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02348", "scoring_system": "epss", "scoring_elements": "0.84908", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb" }, { "reference_url": "https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html" }, { "reference_url": "https://neomutt.org/2018/07/16/release", "reference_id": "", "reference_type": "", "scores": [], "url": "https://neomutt.org/2018/07/16/release" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4277" }, { "reference_url": "http://www.mutt.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mutt.org/news.html" }, { "reference_url": "http://www.securityfocus.com/bid/104925", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104925" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602069", "reference_id": "1602069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602069" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021", "reference_id": "904021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051", "reference_id": "904051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051" }, { "reference_url": "https://security.archlinux.org/AVG-740", "reference_id": "AVG-740", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14354", "reference_id": "CVE-2018-14354", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14354" }, { "reference_url": "https://security.gentoo.org/glsa/201810-07", "reference_id": "GLSA-201810-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2526", "reference_id": "RHSA-2018:2526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2526" }, { "reference_url": "https://usn.ubuntu.com/3719-1/", "reference_id": "USN-3719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-1/" }, { "reference_url": "https://usn.ubuntu.com/3719-2/", "reference_id": "USN-3719-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-2/" }, { "reference_url": "https://usn.ubuntu.com/3719-3/", "reference_id": "USN-3719-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3719-3/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" } ], "aliases": [ "CVE-2018-14354" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8at-7vh4-f7fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87467?format=api", "vulnerability_id": "VCID-uh2u-tyhx-jqey", "summary": "mutt: SSL host name check may be skipped when verifying certificate chain", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47709", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47701", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47738", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47758", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47708", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47762", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47783", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.4776", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.4777", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47825", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47817", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47769", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47752", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47707", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47624", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47687", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429" }, { "reference_url": "http://seclists.org/fulldisclosure/2011/Mar/87", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2011/Mar/87" }, { "reference_url": "http://secunia.com/advisories/44937", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44937" }, { "reference_url": "http://securityreason.com/securityalert/8143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/8143" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66015" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0959.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0959.html" }, { "reference_url": "http://www.securityfocus.com/bid/46803", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46803" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216", "reference_id": "619216", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=688755", "reference_id": "688755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688755" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1429", "reference_id": "CVE-2011-1429", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0959", "reference_id": "RHSA-2011:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0959" }, { "reference_url": "https://usn.ubuntu.com/1221-1/", "reference_id": "USN-1221-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1221-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571944?format=api", "purl": "pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-45b7-9f4d-ryac" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rabc-wwt3-j3a3" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3" } ], "aliases": [ "CVE-2011-1429" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uh2u-tyhx-jqey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60755?format=api", "vulnerability_id": "VCID-ukjn-pbdj-u3e3", "summary": "Multiple vulnerabilities have been reported in Mozilla Firefox,\n Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted\n arbitrary remote code execution.", "references": [ { "reference_url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "reference_url": "http://balsa.gnome.org/download.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://balsa.gnome.org/download.html" }, { "reference_url": "http://docs.info.apple.com/article.html?artnum=305530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://docs.info.apple.com/article.html?artnum=305530" }, { "reference_url": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" }, { "reference_url": "http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94246", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94154", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94223", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94234", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94163", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94175", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94177", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94187", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94191", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94195", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94211", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94216", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.1342", "scoring_system": "epss", "scoring_elements": "0.94219", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1558" }, { "reference_url": "http://secunia.com/advisories/25353", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25353" }, { "reference_url": "http://secunia.com/advisories/25402", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25402" }, { "reference_url": "http://secunia.com/advisories/25476", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25476" }, { "reference_url": "http://secunia.com/advisories/25496", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25496" }, { "reference_url": "http://secunia.com/advisories/25529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25529" }, { "reference_url": "http://secunia.com/advisories/25534", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25534" }, { "reference_url": "http://secunia.com/advisories/25546", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25546" }, { "reference_url": "http://secunia.com/advisories/25559", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25559" }, { "reference_url": "http://secunia.com/advisories/25664", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25664" }, { "reference_url": "http://secunia.com/advisories/25750", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25750" }, { "reference_url": "http://secunia.com/advisories/25798", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25798" }, { "reference_url": "http://secunia.com/advisories/25858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25858" }, { "reference_url": "http://secunia.com/advisories/25894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25894" }, { "reference_url": "http://secunia.com/advisories/26083", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26083" }, { "reference_url": "http://secunia.com/advisories/26415", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26415" }, { "reference_url": "http://secunia.com/advisories/35699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35699" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200706-06.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200706-06.xml" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1231" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1232", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1232" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1424", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1424" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857" }, { "reference_url": "http://sourceforge.net/forum/forum.php?forum_id=683706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sourceforge.net/forum/forum.php?forum_id=683706" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782" }, { "reference_url": "http://sylpheed.sraoss.jp/en/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sylpheed.sraoss.jp/en/news.html" }, { "reference_url": "http://www.claws-mail.org/news.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.claws-mail.org/news.php" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1300", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1300" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1305", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1305" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:105", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:105" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:107", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:107" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:113" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:119", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:119" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:131", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:131" }, { "reference_url": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-15.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/08/15/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2009/08/15/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/08/18/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2009/08/18/1" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0344.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0344.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0353.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0353.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0385.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0385.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2009-1140.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/464477/30/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/464477/30/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/464569/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/464569/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/471455/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/471455/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/471720/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/471720/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/471842/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/471842/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/23257", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23257" }, { "reference_url": "http://www.securitytracker.com/id?1018008", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018008" }, { "reference_url": "http://www.trustix.org/errata/2007/0019/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0019/" }, { "reference_url": "http://www.trustix.org/errata/2007/0024/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0024/" }, { "reference_url": "http://www.ubuntu.com/usn/usn-469-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-469-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-520-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-520-1" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1466" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1467", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1467" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1468", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1468" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1480", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1480" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1939", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1939" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1994", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1994" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2788", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2788" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/0082" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=241191", "reference_id": "241191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=241191" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol:*:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558", "reference_id": "CVE-2007-1558", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1558", "reference_id": "CVE-2007-1558", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1558" }, { "reference_url": "https://security.gentoo.org/glsa/200706-06", "reference_id": "GLSA-200706-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200706-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2007-15", "reference_id": "mfsa2007-15", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2007-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0344", "reference_id": "RHSA-2007:0344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0353", "reference_id": "RHSA-2007:0353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0385", "reference_id": "RHSA-2007:0385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0386", "reference_id": "RHSA-2007:0386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0401", "reference_id": "RHSA-2007:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0402", "reference_id": "RHSA-2007:0402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1140", "reference_id": "RHSA-2009:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1140" }, { "reference_url": "https://usn.ubuntu.com/469-1/", "reference_id": "USN-469-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/469-1/" }, { "reference_url": "https://usn.ubuntu.com/520-1/", "reference_id": "USN-520-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/520-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571941?format=api", "purl": "pkg:deb/debian/mutt@1.5.18-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-45b7-9f4d-ryac" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rabc-wwt3-j3a3" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-smyk-kg69-27ct" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-uh2u-tyhx-jqey" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" }, { "vulnerability": "VCID-zecc-x23b-akcf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6" } ], "aliases": [ "CVE-2007-1558" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ukjn-pbdj-u3e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56486?format=api", "vulnerability_id": "VCID-yvgu-yg5k-z3ff", "summary": "Multiple vulnerabilities have been found in Mutt and Neomutt, the\n worst of which could result in an access restriction bypass.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90453", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90457", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90469", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90474", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90487", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.905", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90511", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.9051", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90522", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90521", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90518", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.9053", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90547", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.05784", "scoring_system": "epss", "scoring_elements": "0.90559", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850170", "reference_id": "1850170", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850170" }, { "reference_url": "https://security.gentoo.org/glsa/202007-57", "reference_id": "GLSA-202007-57", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-57" }, { "reference_url": "https://usn.ubuntu.com/4403-1/", "reference_id": "USN-4403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4403-1/" }, { "reference_url": "https://usn.ubuntu.com/7204-1/", "reference_id": "USN-7204-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7204-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037129?format=api", "purl": "pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037900?format=api", "purl": "pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049080?format=api", "purl": "pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3" } ], "aliases": [ "CVE-2020-14954" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yvgu-yg5k-z3ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89079?format=api", "vulnerability_id": "VCID-zecc-x23b-akcf", "summary": "mutt: denial of service via a series of requests to temporary files", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2351", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32733", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32307", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32232", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32296", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32899", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32719", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32758", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32732", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32773", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32749", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3272", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32568", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32452", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32369", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2351" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2005-2351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2005-2351" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768449", "reference_id": "1768449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768449" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2351", "reference_id": "CVE-2005-2351", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2351" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571942?format=api", "purl": "pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2jga-eah6-6bhb" }, { "vulnerability": "VCID-45b7-9f4d-ryac" }, { "vulnerability": "VCID-4hym-sx7t-qbh1" }, { "vulnerability": "VCID-4zbn-7d8g-5bgx" }, { "vulnerability": "VCID-4zs7-nyzq-zydh" }, { "vulnerability": "VCID-5dxq-th2e-eke5" }, { "vulnerability": "VCID-7f9n-6yxm-zuhu" }, { "vulnerability": "VCID-86dz-udh7-7kd5" }, { "vulnerability": "VCID-bbnw-jxah-rfbh" }, { "vulnerability": "VCID-ce8r-3je8-97bm" }, { "vulnerability": "VCID-d15r-ncw4-hfdh" }, { "vulnerability": "VCID-eyfx-wdun-3fhq" }, { "vulnerability": "VCID-fyys-8z34-cufn" }, { "vulnerability": "VCID-htz5-1fbu-5qfb" }, { "vulnerability": "VCID-j1v7-r585-eqeq" }, { "vulnerability": "VCID-k6ud-492m-yqdp" }, { "vulnerability": "VCID-nyyz-7jhc-4qd6" }, { "vulnerability": "VCID-rabc-wwt3-j3a3" }, { "vulnerability": "VCID-rhbd-qbus-ruhc" }, { "vulnerability": "VCID-s7jp-h1gx-f3db" }, { "vulnerability": "VCID-sdgd-qstu-pudm" }, { "vulnerability": "VCID-ssk5-y54s-53gk" }, { "vulnerability": "VCID-t7kq-u427-mbd7" }, { "vulnerability": "VCID-u7cd-qnpy-y3az" }, { "vulnerability": "VCID-u8at-7vh4-f7fe" }, { "vulnerability": "VCID-uh2u-tyhx-jqey" }, { "vulnerability": "VCID-yvgu-yg5k-z3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3" } ], "aliases": [ "CVE-2005-2351" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zecc-x23b-akcf" } ], "fixing_vulnerabilities": [], "risk_score": "6.2", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.13-1.1etch1" }