Описание
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
Ссылки
- Third Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
6.5 Medium
CVSS3
5.9 Medium
CVSS3
Дефекты
Связанные уязвимости
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
In neomutt and mutt, the To and Cc email headers are not validated by ...
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
Уязвимость почтовых клиентов Mutt и NeoMutt, связанная с ошибками проверки криптографической подписи, позволяющая нарушителю изменить список доверенных получателей и раскрыть защищаемую информацию
EPSS
6.5 Medium
CVSS3
5.9 Medium
CVSS3