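Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client also reads any additional data that arrives in plaintext along with it (e.g., from a man-in-the-middle attacker), keeps that data buffered across the TLS handshake, and then evaluates it in a TLS context as if it had been received over the encrypted session, aka "response injection." Versions at or after Mutt 1.14.4 and NeoMutt 2020-06-19 are not affected. The signatures below name the upstream commits in their "source" fields; their targets span the shared socket code and the per-protocol connection-opening and STARTTLS functions, and the NeoMutt commit also covers nntp/nntp.c.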
{ "vanir_signatures": [ { "digest": { "function_hash": "44992668075714321893057665795727764418", "length": 1941.0 }, "signature_type": "Function", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "imap/imap.c", "function": "imap_open_connection" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-1e963bbf" }, { "digest": { "threshold": 0.9, "line_hashes": [ "236753248965281992922722005274229441904", "148313658709422087785498987586679668760", "66666345422237146144222389054324477406", "312383068827093376146995620522654092375" ] }, "signature_type": "Line", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "smtp.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-27b6fac3" }, { "digest": { "threshold": 0.9, "line_hashes": [ "195892384089387407122844999843074655976", "241784455253745484313712968342155088130", "132651310569114454378534891346233694192", "233223301110599527104956408247214654033" ] }, "signature_type": "Line", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "nntp/nntp.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-2f7783f3" }, { "digest": { "threshold": 0.9, "line_hashes": [ "228199153325695400052032153300510996890", "66439340510563616087624374326378596928", "247269268377050723330110519794783159122", "16134682384211218054282201067285465822" ] }, "signature_type": "Line", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "pop/pop_lib.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-5551168a" }, { "digest": { "function_hash": "3924893623696282984031067475760628486", "length": 2406.0 }, "signature_type": "Function", "source": 
"https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4", "target": { "file": "mutt_ssl.c", "function": "mutt_ssl_starttls" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-57a58ee4" }, { "digest": { "threshold": 0.9, "line_hashes": [ "307331709257669031545039989435500192634", "171239241256085084219501049372157687846", "62850679139230278844682671082953221608", "60896392166792266394891751863172980401" ] }, "signature_type": "Line", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "conn/socket.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-5c3bf9c4" }, { "digest": { "threshold": 0.9, "line_hashes": [ "220009596432518087481277674940495787568", "219524305078317464263044700899935190261", "85529289398689296017134109923965014091", "29496026359297498989424405448808859555" ] }, "signature_type": "Line", "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4", "target": { "file": "mutt_socket.h" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-5e6ba7de" }, { "digest": { "function_hash": "100829173116190600858159645461328931119", "length": 289.0 }, "signature_type": "Function", "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4", "target": { "file": "mutt_ssl_gnutls.c", "function": "mutt_ssl_starttls" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-6579b0b3" }, { "digest": { "threshold": 0.9, "line_hashes": [ "196472896472400386691796374089208180702", "60040772488398434283429044078168517878", "206078758818106128215695582181177286043", "235994231975520507873981987597379569395", "237628480328063291927886699851479387200", "192869104413734524237180789805395601385", "247052858317911412431437426978405579400" ] }, "signature_type": "Line", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", 
"target": { "file": "imap/command.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-665fb6d0" }, { "digest": { "function_hash": "162166934862861220235681767039508031212", "length": 887.0 }, "signature_type": "Function", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "imap/command.c", "function": "imap_exec" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-6a01760e" }, { "digest": { "threshold": 0.9, "line_hashes": [ "188497607745055877459878591124861724843", "293150522518363429545752787994509039533", "333420326018441820831316304765230543074" ] }, "signature_type": "Line", "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4", "target": { "file": "mutt_ssl.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-72f169ff" }, { "digest": { "threshold": 0.9, "line_hashes": [ "195169622976178384685312765189902567523", "144496850903660620582356269248905645793", "118627108049108073556564599796214648056", "242834342463301710076991533363548928466" ] }, "signature_type": "Line", "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4", "target": { "file": "mutt_ssl_gnutls.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-7736d919" }, { "digest": { "function_hash": "267361969920487025611144160917627970084", "length": 1825.0 }, "signature_type": "Function", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "pop/pop_lib.c", "function": "pop_open_connection" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-a6b6440e" }, { "digest": { "threshold": 0.9, "line_hashes": [ "142098375908311935035689897214063071626", "269862614409702674060039833485377731210", "232483895511340113153063965403749246449" ] }, "signature_type": "Line", "source": 
"https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4", "target": { "file": "mutt_socket.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-a960bb0e" }, { "digest": { "threshold": 0.9, "line_hashes": [ "322973470093828194128000706283655668590", "300161726902115777482238072438353336228", "104090465928353823593562893093606976460", "61175173592837600351900588900970542665" ] }, "signature_type": "Line", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "imap/imap.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-a9e19c97" }, { "digest": { "function_hash": "331562114280994771562968139455818509618", "length": 1073.0 }, "signature_type": "Function", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "smtp.c", "function": "smtp_open" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-ad92f25c" }, { "digest": { "function_hash": "268643368371455374646142094818380220938", "length": 2750.0 }, "signature_type": "Function", "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc", "target": { "file": "nntp/nntp.c", "function": "nntp_open_connection" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2020-14954-b6ab625f" } ] }