{"id":"CVE-2020-14154","details":"Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.","modified":"2026-05-15T12:03:58.885069867Z","published":"2020-06-15T17:15:10.717Z","related":["SUSE-SU-2020:14414-1","SUSE-SU-2020:1771-1","SUSE-SU-2020:1794-1","openSUSE-SU-2020:0903-1","openSUSE-SU-2020:0915-1","openSUSE-SU-2020:2127-1","openSUSE-SU-2020:2157-1","openSUSE-SU-2020:2158-1","openSUSE-SU-2024:11079-1","openSUSE-SU-2024:13279-1"],"database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"],"extracted_events":[{"last_affected":"12.04"},{"last_affected":"16.04"},{"last_affected":"18.04"},{"last_affected":"19.10"},{"last_affected":"20.04"}],"source":"CPE_FIELD","vendor_product":"canonical:ubuntu_linux"}]},"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00064.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00070.html"},{"type":"ADVISORY","url":"http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200608/000022.html"},{"type":"ADVISORY","url":"http://www.mutt.org"},{"type":"ADVISORY","url":"https://bugs.gentoo.org/728300"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202007-57"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4401-1/"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}