CVE-2020-14954

CVE-2020-14954

Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."

CVE-2020-14954

Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."

CVE-2020-14954

Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffe ...

GHSA-fv44-9w74-ffg5

Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."

BDU:2021-02007

Уязвимость почтовых клиентов Mutt и NeoMutt, связанная с недостатками процедуры нейтрализации особых элементов в выходных данных, используемых входящим компонентом, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации