Chenyuan Mi

**Name of the Vulnerable Software and Affected Versions** Mutt versions 1.5.2 through 2.2.12 **Description** The issue is related to a null pointer dereference when viewing a specially crafted email. This could allow a remote attacker to cause a denial of service. **Recommendations** For versions 1.5.2 through 2.2.12, update to a version outside of this range to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mutt versions 1.5.2 through 2.2.12 **Description** The issue is related to a null pointer dereference when composing from a specially crafted draft message. This can potentially allow an attacker to cause a denial of service. The vulnerability is associated with errors in handling message headers. **Recommendations** For Mutt versions 1.5.2 through 2.2.12, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting the use of draft messages from untrusted sources until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 3.6.0 through 3.6.15 Wireshark versions 4.0.0 through 4.0.7 **Description** The issue is related to the BT SDP dissector in Wireshark, which can enter an infinite loop. This can be exploited to cause a denial of service via packet injection or a crafted capture file. The exploitation of this issue may allow a remote attacker to cause a service disruption. **Recommendations** For Wireshark versions 3.6.0 through 3.6.15, update to a version outside of this range to resolve the issue. For Wireshark versions 4.0.0 through 4.0.7, update to a version outside of this range to resolve the issue. As a temporary workaround, consider disabling the BT SDP dissector until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 3.6.0 through 3.6.15 Wireshark versions 4.0.0 through 4.0.7 **Description** The issue is related to a memory leak in the BT SDP dissector of Wireshark, which can be exploited to cause a denial of service. This can be achieved via packet injection or by using a crafted capture file. The exploitation of this issue may allow a remote attacker to disrupt service. **Recommendations** For Wireshark versions 3.6.0 through 3.6.15, update to a version outside of this range to resolve the issue. For Wireshark versions 4.0.0 through 4.0.7, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting the use of the BT SDP dissector in Wireshark until a patch is available.