Описание
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | ignored | no fix planned |
| esm-infra/bionic | ignored | no fix planned |
| esm-infra/focal | ignored | no fix planned |
| esm-infra/xenial | ignored | no fix planned |
| focal | ignored | end of standard support, was ignored [no fix planned] |
| jammy | ignored | no fix planned |
| noble | ignored | no fix planned |
| oracular | ignored | end of life, was ignored [no fix planned] |
| plucky | ignored | no fix planned |
| questing | ignored | no fix planned |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 20241002+dfsg-1 |
| esm-apps/bionic | ignored | changes too intrusive |
| esm-apps/focal | released | 20191207+dfsg.1-1.1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 20211029+dfsg1-1ubuntu0.1~esm1 |
| esm-apps/noble | released | 20231103+dfsg1-1ubuntu0.1~esm1 |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| noble | needed | |
| oracular | ignored | end of life, was needed |
| plucky | not-affected | 20241002+dfsg-1 |
Показывать по
Ссылки на источники
6.5 Medium
CVSS3
Связанные уязвимости
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
In neomutt and mutt, the To and Cc email headers are not validated by ...
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
Уязвимость почтовых клиентов Mutt и NeoMutt, связанная с ошибками проверки криптографической подписи, позволяющая нарушителю изменить список доверенных получателей и раскрыть защищаемую информацию
6.5 Medium
CVSS3