Search for packages
| purl | pkg:alpm/archlinux/neomutt@20180622-2 |
| Next non-vulnerable version | 20180716-1 |
| Latest non-vulnerable version | 20211015-1 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1cdh-sy3k-jkag
Aliases: CVE-2018-14363 |
An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames. |
Affected by 0 other vulnerabilities. |
|
VCID-4q5w-2evq-m7hq
Aliases: CVE-2018-14354 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription. |
Affected by 0 other vulnerabilities. |
|
VCID-8j7x-jh73-h7b6
Aliases: CVE-2018-14353 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow. |
Affected by 0 other vulnerabilities. |
|
VCID-8uj7-sb6v-u7ej
Aliases: CVE-2018-14352 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow. |
Affected by 0 other vulnerabilities. |
|
VCID-btt4-fsyt-cqa5
Aliases: CVE-2018-14357 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription. |
Affected by 0 other vulnerabilities. |
|
VCID-cxmg-3uq4-abhn
Aliases: CVE-2018-14362 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character. |
Affected by 0 other vulnerabilities. |
|
VCID-ebkr-9qfz-a3ek
Aliases: CVE-2018-14356 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID. |
Affected by 0 other vulnerabilities. |
|
VCID-egsy-92hs-gkc7
Aliases: CVE-2018-14355 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name. |
Affected by 0 other vulnerabilities. |
|
VCID-mpnc-7uvn-zkf6
Aliases: CVE-2018-14358 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field. |
Affected by 0 other vulnerabilities. |
|
VCID-p47a-3nan-s7cs
Aliases: CVE-2018-14360 |
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage. |
Affected by 0 other vulnerabilities. |
|
VCID-rkwk-ws46-myfs
Aliases: CVE-2018-14351 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size. |
Affected by 0 other vulnerabilities. |
|
VCID-sa5k-3dyu-c7cu
Aliases: CVE-2018-14359 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data. |
Affected by 0 other vulnerabilities. |
|
VCID-tyqv-g119-aqgj
Aliases: CVE-2018-14350 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field. |
Affected by 0 other vulnerabilities. |
|
VCID-u4r9-puc9-87fg
Aliases: CVE-2018-14361 |
An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data. |
Affected by 0 other vulnerabilities. |
|
VCID-vgcj-dyr2-vbbr
Aliases: CVE-2018-14349 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-31T11:37:04.722958+00:00 | Arch Linux Importer | Affected by | VCID-vgcj-dyr2-vbbr | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.698053+00:00 | Arch Linux Importer | Affected by | VCID-tyqv-g119-aqgj | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.663066+00:00 | Arch Linux Importer | Affected by | VCID-rkwk-ws46-myfs | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.637026+00:00 | Arch Linux Importer | Affected by | VCID-8uj7-sb6v-u7ej | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.608216+00:00 | Arch Linux Importer | Affected by | VCID-8j7x-jh73-h7b6 | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.582934+00:00 | Arch Linux Importer | Affected by | VCID-4q5w-2evq-m7hq | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.557242+00:00 | Arch Linux Importer | Affected by | VCID-egsy-92hs-gkc7 | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.531091+00:00 | Arch Linux Importer | Affected by | VCID-ebkr-9qfz-a3ek | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.505191+00:00 | Arch Linux Importer | Affected by | VCID-btt4-fsyt-cqa5 | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.478957+00:00 | Arch Linux Importer | Affected by | VCID-mpnc-7uvn-zkf6 | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.453807+00:00 | Arch Linux Importer | Affected by | VCID-sa5k-3dyu-c7cu | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.427884+00:00 | Arch Linux Importer | Affected by | VCID-p47a-3nan-s7cs | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.400622+00:00 | Arch Linux Importer | Affected by | VCID-u4r9-puc9-87fg | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.374297+00:00 | Arch Linux Importer | Affected by | VCID-cxmg-3uq4-abhn | https://security.archlinux.org/AVG-740 | 37.0.0 |
| 2025-07-31T11:37:04.346665+00:00 | Arch Linux Importer | Affected by | VCID-1cdh-sy3k-jkag | https://security.archlinux.org/AVG-740 | 37.0.0 |