rpm package
suse/mutt&distro=SUSE Linux Enterprise Server 12 SP4
pkg:rpm/suse/mutt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-14954 | — | < 1.10.1-55.11.1 | 1.10.1-55.11.1 | Jun 21, 2020 | Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "respo | ||
| CVE-2020-14154 | — | < 1.10.1-55.11.1 | 1.10.1-55.11.1 | Jun 15, 2020 | Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. | ||
| CVE-2020-14093 | — | < 1.10.1-55.11.1 | 1.10.1-55.11.1 | Jun 15, 2020 | Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. |
- CVE-2020-14954Jun 21, 2020affected < 1.10.1-55.11.1fixed 1.10.1-55.11.1
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "respo
- CVE-2020-14154Jun 15, 2020affected < 1.10.1-55.11.1fixed 1.10.1-55.11.1
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
- CVE-2020-14093Jun 15, 2020affected < 1.10.1-55.11.1fixed 1.10.1-55.11.1
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.