English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.12.2025.7204.1
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-7204-1)
Summary:The remote host is missing an update for the 'neomutt' package(s) announced via the USN-7204-1 advisory.
Description:Summary:
The remote host is missing an update for the 'neomutt' package(s) announced via the USN-7204-1 advisory.

Vulnerability Insight:
Jeriko One discovered that NeoMutt incorrectly handled certain IMAP
and POP3 responses. An attacker could possibly use this issue to
cause NeoMutt to crash, resulting in a denial of service, or
the execution of arbitrary code. This issue only affected
Ubuntu 18.04 LTS. (CVE-2018-14349, CVE-2018-14350, CVE-2018-14351,
CVE-2018-14352, CVE-2018-14353, CVE-2018-14354, CVE-2018-14355,
CVE-2018-14356, CVE-2018-14357, CVE-2018-14358, CVE-2018-14359,
CVE-2018-14362)

Jeriko One discovered that NeoMutt incorrectly handled certain
NNTP-related operations. An attacker could possibly use this issue
to cause NeoMutt to crash, resulting in denial of service, or
the execution of arbitrary code. This issue only affected
Ubuntu 18.04 LTS. (CVE-2018-14360, CVE-2018-14361, CVE-2018-14363)

It was discovered that NeoMutt incorrectly processed additional data
when communicating with mail servers. An attacker could possibly use
this issue to access senstive information. This issue only affected
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14954, CVE-2020-28896)

It was discovered that Neomutt incorrectly handled the IMAP QRSync
setting. An attacker could possibly use this issue to cause NeoMutt
to crash, resulting in denial of service. This issue only affected
Ubuntu 20.04 LTS. (CVE-2021-32055)

Tavis Ormandy discovered that NeoMutt incorrectly parsed uuencoded
text past the length of the string. An attacker could possibly use
this issue to enable the execution of arbitrary code. This issue
only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-1328)

It was discovered that NeoMutt did not properly encrypt email headers.
An attacker could possibly use this issue to receive emails that were
not intended for them and access sensitive information. This
vulnerability was only fixed in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
and Ubuntu 24.04 LTS. (CVE-2024-49393, CVE-2024-49394)

Affected Software/OS:
'neomutt' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-14349
Debian Security Information: DSA-4277 (Google Search)
https://www.debian.org/security/2018/dsa-4277
https://security.gentoo.org/glsa/201810-07
http://www.mutt.org/news.html
https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1
https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416
https://neomutt.org/2018/07/16/release
https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
https://usn.ubuntu.com/3719-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-14350
BugTraq ID: 104931
http://www.securityfocus.com/bid/104931
https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
https://usn.ubuntu.com/3719-1/
https://usn.ubuntu.com/3719-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-14351
https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741
https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1
Common Vulnerability Exposure (CVE) ID: CVE-2018-14352
https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4
https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
Common Vulnerability Exposure (CVE) ID: CVE-2018-14353
https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23
Common Vulnerability Exposure (CVE) ID: CVE-2018-14354
BugTraq ID: 104925
http://www.securityfocus.com/bid/104925
https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb
https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
RedHat Security Advisories: RHSA-2018:2526
https://access.redhat.com/errata/RHSA-2018:2526
Common Vulnerability Exposure (CVE) ID: CVE-2018-14355
https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d
https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d
Common Vulnerability Exposure (CVE) ID: CVE-2018-14356
https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82
https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6
Common Vulnerability Exposure (CVE) ID: CVE-2018-14357
https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725
Common Vulnerability Exposure (CVE) ID: CVE-2018-14358
Common Vulnerability Exposure (CVE) ID: CVE-2018-14359
https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85
https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a
Common Vulnerability Exposure (CVE) ID: CVE-2018-14360
https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3
Common Vulnerability Exposure (CVE) ID: CVE-2018-14361
https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585
Common Vulnerability Exposure (CVE) ID: CVE-2018-14362
https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576
Common Vulnerability Exposure (CVE) ID: CVE-2018-14363
Common Vulnerability Exposure (CVE) ID: CVE-2020-14954
Debian Security Information: DSA-4707 (Google Search)
https://www.debian.org/security/2020/dsa-4707
Debian Security Information: DSA-4708 (Google Search)
https://www.debian.org/security/2020/dsa-4708
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3LXFVPTLK4PNHL6MPKJNJQJ25CH7GLQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFMEILCBKMZRRZDMUGWLVN4PQQ4VTAZE/
https://security.gentoo.org/glsa/202007-57
http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200615/000023.html
http://www.mutt.org/
https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc
https://github.com/neomutt/neomutt/releases/tag/20200619
https://gitlab.com/muttmua/mutt/-/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4
https://gitlab.com/muttmua/mutt/-/issues/248
https://lists.debian.org/debian-lts-announce/2020/06/msg00039.html
https://lists.debian.org/debian-lts-announce/2020/06/msg00040.html
SuSE Security Announcement: openSUSE-SU-2020:0903 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00064.html
SuSE Security Announcement: openSUSE-SU-2020:0915 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00070.html
https://usn.ubuntu.com/4403-1/
Common Vulnerability Exposure (CVE) ID: CVE-2020-28896
https://security.gentoo.org/glsa/202101-32
https://github.com/neomutt/neomutt/commit/9c36717a3e2af1f2c1b7242035455ec8112b4b06
https://github.com/neomutt/neomutt/releases/tag/20201120
https://gitlab.com/muttmua/mutt/-/commit/04b06aaa3e0cc0022b9b01dbca2863756ebbf59a
https://gitlab.com/muttmua/mutt/-/commit/d92689088dfe80a290ec836e292376e2d9984f8f
https://lists.debian.org/debian-lts-announce/2020/11/msg00048.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-32055
https://security.gentoo.org/glsa/202105-05
http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20210503/000036.html
https://github.com/neomutt/neomutt/commit/fa1db5785e5cfd9d3cd27b7571b9fe268d2ec2dc
https://gitlab.com/muttmua/mutt/-/commit/7c4779ac24d2fb68a2a47b58c7904118f40965d5
Common Vulnerability Exposure (CVE) ID: CVE-2022-1328
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1328.json
https://gitlab.com/muttmua/mutt/-/commit/e5ed080c00e59701ca62ef9b2a6d2612ebf765a5
https://gitlab.com/muttmua/mutt/-/issues/404
Common Vulnerability Exposure (CVE) ID: CVE-2024-49393
Common Vulnerability Exposure (CVE) ID: CVE-2024-49394
CopyrightCopyright (C) 2025 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.