CVE-2018-14363

Опубликовано: 17 июл. 2018

Источник: debian

Описание

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
neomutt	fixed	20180716+dfsg.1-1		package
mutt	fixed	1.9.1-1		package

Примечания

https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
previous versions ship a neomutt patchset.

Связанные уязвимости

CVE-2018-14363

CVSS3: 7.5

ubuntu

больше 7 лет назад

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.

CVE-2018-14363

CVSS3: 7.5

nvd

больше 7 лет назад

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.

GHSA-jm86-h3mr-62qj

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.

BDU:2019-04313

CVSS3: 7.5

fstec

больше 7 лет назад

Уязвимость компонента newsrc.c почтового клиента NeoMutt, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

openSUSE-SU-2019:0052-1

suse-cvrf

около 7 лет назад

Security update for mutt