CVE-2020-14954

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-14954
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-14954.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-14954
Downstream
Related
Published
2020-06-21T17:15:09Z
Modified
2025-09-19T12:04:54.752351Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
[none]
Details

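Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection." In other words, bytes that arrive in cleartext together with the "begin TLS" response stay in the client's read buffer and are processed after the handshake as if they had been received over the TLS-protected channel. The impact is therefore on integrity rather than confidentiality or availability, which matches the I:H, C:N, A:N values in the CVSS vector above. Upgrading to Mutt 1.14.4 or later, or to NeoMutt 2020-06-19 or later, moves a client out of the affected range. The NeoMutt patch signatures listed under "Database specific" also cover nntp/nntp.c, so the NeoMutt fix touches the NNTP code in addition to the three protocols named here.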

References

Affected packages

Git / github.com/muttmua/mutt

Affected ranges

Type
GIT
Repo
https://github.com/muttmua/mutt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/neomutt/neomutt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Type
GIT
Repo
https://gitlab.com/muttmua/mutt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

2019-10-25
20191102
20191111
20191129
20191207
20200313
20200320
20200417
20200424
20200501
mutt-0-92-10i
mutt-0-92-11i
mutt-0-92-9i
mutt-0-93-unstable
mutt-0-94-10i-rel
mutt-0-94-13-rel
mutt-0-94-14-rel
mutt-0-94-15-rel
mutt-0-94-16i-rel
mutt-0-94-17i-rel
mutt-0-94-18-rel
mutt-0-94-5i-rel
mutt-0-94-6i-rel
mutt-0-94-7i-rel
mutt-0-94-8i-rel
mutt-0-94-9i-p1
mutt-0-94-9i-rel
mutt-0-95-rel
mutt-0-96-1-rel
mutt-0-96-2-slightly-post-release
mutt-0-96-3-rel
mutt-0-96-4-rel
mutt-0-96-5-rel
mutt-0-96-6-rel
mutt-0-96-7-rel
mutt-0-96-8-rel
mutt-0-96-rel
mutt-1-1-1-1-rel
mutt-1-1-1-2-rel
mutt-1-1-1-rel
mutt-1-1-10-rel
mutt-1-1-11-rel
mutt-1-1-12-rel
mutt-1-1-13-rel
mutt-1-1-14-rel
mutt-1-1-2-rel
mutt-1-1-3-rel
mutt-1-1-4-rel
mutt-1-1-5-rel
mutt-1-1-6-rel
mutt-1-1-7-rel
mutt-1-1-8-rel
mutt-1-1-9-rel
mutt-1-1-rel
mutt-1-10-1-rel
mutt-1-10-rel
mutt-1-11-1-rel
mutt-1-11-2-rel
mutt-1-11-3-rel
mutt-1-11-4-rel
mutt-1-11-rel
mutt-1-12-1-rel
mutt-1-12-2-rel
mutt-1-12-rel
mutt-1-13-1-rel
mutt-1-13-2-rel
mutt-1-13-3-rel
mutt-1-13-4-rel
mutt-1-13-5-rel
mutt-1-13-rel
mutt-1-14-1-rel
mutt-1-14-2-rel
mutt-1-14-3-rel
mutt-1-14-rel
mutt-1-3-1-rel
mutt-1-3-10-rel
mutt-1-3-11-rel
mutt-1-3-12-rel
mutt-1-3-13-rel
mutt-1-3-14-rel
mutt-1-3-15-rel
mutt-1-3-16-rel
mutt-1-3-17-rel
mutt-1-3-18-rel
mutt-1-3-19-rel
mutt-1-3-2-rel
mutt-1-3-20-rel
mutt-1-3-21-rel
mutt-1-3-22-1-rel
mutt-1-3-22-rel
mutt-1-3-23-1-rel
mutt-1-3-23-2-rel
mutt-1-3-23-rel
mutt-1-3-24-rel
mutt-1-3-25-rel
mutt-1-3-26-rel
mutt-1-3-27-rel
mutt-1-3-3-rel
mutt-1-3-4-rel
mutt-1-3-5-rel
mutt-1-3-6-rel
mutt-1-3-7-rel
mutt-1-3-8-rel
mutt-1-3-9-rel
mutt-1-3-rel
mutt-1-5-1-rel
mutt-1-5-10-rel
mutt-1-5-11-rel
mutt-1-5-12-rel
mutt-1-5-13-rel
mutt-1-5-14-rel
mutt-1-5-15-rel
mutt-1-5-16-rel
mutt-1-5-17-rel
mutt-1-5-18-rel
mutt-1-5-19-rel
mutt-1-5-2-rel
mutt-1-5-20-rel
mutt-1-5-21-rel
mutt-1-5-22-rel
mutt-1-5-23-rel
mutt-1-5-24-rel
mutt-1-5-3-rel
mutt-1-5-4-rel
mutt-1-5-5-1-rel
mutt-1-5-5-rel
mutt-1-5-6-rel
mutt-1-5-7-rel
mutt-1-5-8-rel
mutt-1-5-9-rel
mutt-1-6-1-rel
mutt-1-6-2-rel
mutt-1-6-rel
mutt-1-7-1-rel
mutt-1-7-2-rel
mutt-1-7-rel
mutt-1-8-1-rel
mutt-1-8-2-rel
mutt-1-8-3-rel
mutt-1-8-rel
mutt-1-9-1-rel
mutt-1-9-2-rel
mutt-1-9-3-rel
mutt-1-9-4-rel
mutt-1-9-5-rel
mutt-1-9-rel
neomutt-20160822
neomutt-20160827
neomutt-20160910
neomutt-20160916
neomutt-20161002
neomutt-20161003
neomutt-20161014
neomutt-20161028
neomutt-20161104
neomutt-20161126
neomutt-20170113
neomutt-20170128
neomutt-20170206
neomutt-20170225
neomutt-20170306
neomutt-20170414
neomutt-20170421
neomutt-20170428
neomutt-20170526
neomutt-20170602
neomutt-20170609
neomutt-20170707
neomutt-20170714
neomutt-20170907
neomutt-20170912
neomutt-20171006
neomutt-20171013
neomutt-20171027
neomutt-20171208
neomutt-20171215
neomutt-20180223
neomutt-20180323
neomutt-20180512
neomutt-20180622
neomutt-20180716
post-type-punning-patch
pre-type-punning-patch

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "function_hash": "44992668075714321893057665795727764418",
                "length": 1941.0
            },
            "signature_type": "Function",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "imap/imap.c",
                "function": "imap_open_connection"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-1e963bbf"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "236753248965281992922722005274229441904",
                    "148313658709422087785498987586679668760",
                    "66666345422237146144222389054324477406",
                    "312383068827093376146995620522654092375"
                ]
            },
            "signature_type": "Line",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "smtp.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-27b6fac3"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "195892384089387407122844999843074655976",
                    "241784455253745484313712968342155088130",
                    "132651310569114454378534891346233694192",
                    "233223301110599527104956408247214654033"
                ]
            },
            "signature_type": "Line",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "nntp/nntp.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-2f7783f3"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "228199153325695400052032153300510996890",
                    "66439340510563616087624374326378596928",
                    "247269268377050723330110519794783159122",
                    "16134682384211218054282201067285465822"
                ]
            },
            "signature_type": "Line",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "pop/pop_lib.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-5551168a"
        },
        {
            "digest": {
                "function_hash": "3924893623696282984031067475760628486",
                "length": 2406.0
            },
            "signature_type": "Function",
            "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4",
            "target": {
                "file": "mutt_ssl.c",
                "function": "mutt_ssl_starttls"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-57a58ee4"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "307331709257669031545039989435500192634",
                    "171239241256085084219501049372157687846",
                    "62850679139230278844682671082953221608",
                    "60896392166792266394891751863172980401"
                ]
            },
            "signature_type": "Line",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "conn/socket.h"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-5c3bf9c4"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "220009596432518087481277674940495787568",
                    "219524305078317464263044700899935190261",
                    "85529289398689296017134109923965014091",
                    "29496026359297498989424405448808859555"
                ]
            },
            "signature_type": "Line",
            "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4",
            "target": {
                "file": "mutt_socket.h"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-5e6ba7de"
        },
        {
            "digest": {
                "function_hash": "100829173116190600858159645461328931119",
                "length": 289.0
            },
            "signature_type": "Function",
            "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4",
            "target": {
                "file": "mutt_ssl_gnutls.c",
                "function": "mutt_ssl_starttls"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-6579b0b3"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "196472896472400386691796374089208180702",
                    "60040772488398434283429044078168517878",
                    "206078758818106128215695582181177286043",
                    "235994231975520507873981987597379569395",
                    "237628480328063291927886699851479387200",
                    "192869104413734524237180789805395601385",
                    "247052858317911412431437426978405579400"
                ]
            },
            "signature_type": "Line",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "imap/command.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-665fb6d0"
        },
        {
            "digest": {
                "function_hash": "162166934862861220235681767039508031212",
                "length": 887.0
            },
            "signature_type": "Function",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "imap/command.c",
                "function": "imap_exec"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-6a01760e"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "188497607745055877459878591124861724843",
                    "293150522518363429545752787994509039533",
                    "333420326018441820831316304765230543074"
                ]
            },
            "signature_type": "Line",
            "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4",
            "target": {
                "file": "mutt_ssl.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-72f169ff"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "195169622976178384685312765189902567523",
                    "144496850903660620582356269248905645793",
                    "118627108049108073556564599796214648056",
                    "242834342463301710076991533363548928466"
                ]
            },
            "signature_type": "Line",
            "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4",
            "target": {
                "file": "mutt_ssl_gnutls.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-7736d919"
        },
        {
            "digest": {
                "function_hash": "267361969920487025611144160917627970084",
                "length": 1825.0
            },
            "signature_type": "Function",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "pop/pop_lib.c",
                "function": "pop_open_connection"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-a6b6440e"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "142098375908311935035689897214063071626",
                    "269862614409702674060039833485377731210",
                    "232483895511340113153063965403749246449"
                ]
            },
            "signature_type": "Line",
            "source": "https://gitlab.com/muttmua/mutt@c547433cdf2e79191b15c6932c57f1472bfb5ff4",
            "target": {
                "file": "mutt_socket.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-a960bb0e"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "322973470093828194128000706283655668590",
                    "300161726902115777482238072438353336228",
                    "104090465928353823593562893093606976460",
                    "61175173592837600351900588900970542665"
                ]
            },
            "signature_type": "Line",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "imap/imap.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-a9e19c97"
        },
        {
            "digest": {
                "function_hash": "331562114280994771562968139455818509618",
                "length": 1073.0
            },
            "signature_type": "Function",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "smtp.c",
                "function": "smtp_open"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-ad92f25c"
        },
        {
            "digest": {
                "function_hash": "268643368371455374646142094818380220938",
                "length": 2750.0
            },
            "signature_type": "Function",
            "source": "https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc",
            "target": {
                "file": "nntp/nntp.c",
                "function": "nntp_open_connection"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2020-14954-b6ab625f"
        }
    ]
}