Search for packages
| purl | pkg:deb/debian/neomutt@20250510%2Bdfsg-2~bpo12%2B1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-98vs-c7n6-t3a9 | In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender. |
CVE-2024-49394
|
| VCID-nzcr-nwxj-yffk | In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality. |
CVE-2024-49393
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T13:20:53.540642+00:00 | Debian Importer | Fixing | VCID-98vs-c7n6-t3a9 | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |
| 2025-08-01T13:10:22.840950+00:00 | Debian Importer | Fixing | VCID-nzcr-nwxj-yffk | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |