CVE-2018-14358

CRITICAL9.8EPSS 1.4%

Published: 7/17/2018Modified: 4/28/2026

Also known as:ALPINE-CVE-2018-14358DEBIAN-CVE-2018-14358

Description

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.

Affected packages (3)

Alpine/muttfrom 0, < 1.10.1-r0
Debian/muttfrom 0, < 1.10.1-1
Debian/neomuttfrom 0, < 20180716+dfsg.1-1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2018-14358
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-14358