#1004967 mutt: sending a mail message with a newline character in subject yields garbage, possible header injection

Package:
mutt
Source:
mutt
Description:
text-based mailreader supporting MIME, GPG, PGP and threading
Submitter:
Vincent Lefevre
Date:
2026-01-10 11:39:33 UTC
Severity:
important
Tags:
#1004967#5
Date:
2022-02-04 13:55:06 UTC
From:
To:
When sending a mail message with a newline character (LF) in the
subject, one gets garbage.

For instance:

  echo test | mutt -s foo$'\n'bar $USER@localhost

One gets a mail with just "foo" in the subject and a body that starts
with "bar" and continues with some of the headers. I don't know how
this should be handled, but this shouldn't give garbage.

This can even be used to inject headers:

  echo test | mutt -s foo$'\n'Injected:\ bar $USER@localhost

Note: I don't think that the caller is required to sanitize the
subject. At least, this is not documented, so that this should not
be assumed.
#1004967#12
Date:
2026-01-10 10:08:08 UTC
From:
To:
Es gibt eine Familienspende in Höhe von 1.850.000,00 USD von Cheng Charlie
Saephan. Bitte antworten Sie für weitere Informationen. Denken Sie daran,
Ihrer Familie und den Bedürftigen in Ihrer Umgebung Gutes zu tun.

Dies ist bereits der zweite Versuch, Sie zu erreichen. Bitte antworten Sie
für weitere Details.