VulnerableCode Package Details - pkg:alpm/archlinux/neomutt@20180716-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1cdh-sy3k-jkag	An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.	CVE-2018-14363
VCID-4q5w-2evq-m7hq	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.	CVE-2018-14354
VCID-8j7x-jh73-h7b6	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.	CVE-2018-14353
VCID-8uj7-sb6v-u7ej	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.	CVE-2018-14352
VCID-btt4-fsyt-cqa5	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.	CVE-2018-14357
VCID-cxmg-3uq4-abhn	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.	CVE-2018-14362
VCID-ebkr-9qfz-a3ek	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.	CVE-2018-14356
VCID-egsy-92hs-gkc7	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.	CVE-2018-14355
VCID-mpnc-7uvn-zkf6	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.	CVE-2018-14358
VCID-p47a-3nan-s7cs	An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.	CVE-2018-14360
VCID-rkwk-ws46-myfs	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.	CVE-2018-14351
VCID-sa5k-3dyu-c7cu	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.	CVE-2018-14359
VCID-tyqv-g119-aqgj	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.	CVE-2018-14350
VCID-u4r9-puc9-87fg	An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.	CVE-2018-14361
VCID-vgcj-dyr2-vbbr	An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.	CVE-2018-14349

Vulnerability

Summary

Aliases

VCID-1cdh-sy3k-jkag

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.

CVE-2018-14363

VCID-4q5w-2evq-m7hq

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.

CVE-2018-14354

VCID-8j7x-jh73-h7b6

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.

CVE-2018-14353

VCID-8uj7-sb6v-u7ej

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.

CVE-2018-14352

VCID-btt4-fsyt-cqa5

CVE-2018-14357

VCID-cxmg-3uq4-abhn

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.

CVE-2018-14362

VCID-ebkr-9qfz-a3ek

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.

CVE-2018-14356

VCID-egsy-92hs-gkc7

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.

CVE-2018-14355

VCID-mpnc-7uvn-zkf6

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.

CVE-2018-14358

VCID-p47a-3nan-s7cs

An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.

CVE-2018-14360

VCID-rkwk-ws46-myfs

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.

CVE-2018-14351

VCID-sa5k-3dyu-c7cu

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.

CVE-2018-14359

VCID-tyqv-g119-aqgj

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.

CVE-2018-14350

VCID-u4r9-puc9-87fg

An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.

CVE-2018-14361

VCID-vgcj-dyr2-vbbr

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.

CVE-2018-14349

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T11:37:04.727824+00:00	Arch Linux Importer	Fixing	VCID-vgcj-dyr2-vbbr	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.702672+00:00	Arch Linux Importer	Fixing	VCID-tyqv-g119-aqgj	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.667953+00:00	Arch Linux Importer	Fixing	VCID-rkwk-ws46-myfs	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.642143+00:00	Arch Linux Importer	Fixing	VCID-8uj7-sb6v-u7ej	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.612919+00:00	Arch Linux Importer	Fixing	VCID-8j7x-jh73-h7b6	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.587871+00:00	Arch Linux Importer	Fixing	VCID-4q5w-2evq-m7hq	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.562188+00:00	Arch Linux Importer	Fixing	VCID-egsy-92hs-gkc7	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.535988+00:00	Arch Linux Importer	Fixing	VCID-ebkr-9qfz-a3ek	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.510208+00:00	Arch Linux Importer	Fixing	VCID-btt4-fsyt-cqa5	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.483950+00:00	Arch Linux Importer	Fixing	VCID-mpnc-7uvn-zkf6	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.458547+00:00	Arch Linux Importer	Fixing	VCID-sa5k-3dyu-c7cu	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.433179+00:00	Arch Linux Importer	Fixing	VCID-p47a-3nan-s7cs	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.405622+00:00	Arch Linux Importer	Fixing	VCID-u4r9-puc9-87fg	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.379214+00:00	Arch Linux Importer	Fixing	VCID-cxmg-3uq4-abhn	https://security.archlinux.org/AVG-740	37.0.0
2025-07-31T11:37:04.352649+00:00	Arch Linux Importer	Fixing	VCID-1cdh-sy3k-jkag	https://security.archlinux.org/AVG-740	37.0.0

2025-07-31T11:37:04.727824+00:00

Arch Linux Importer

Fixing