VYPR
Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026

CVE-2005-0202

CVE-2005-0202

Description

Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • GNU/Mailman7 versions
    cpe:2.3:a:gnu:mailman:2.1:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:gnu:mailman:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:mailman:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:mailman:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:mailman:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:mailman:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:mailman:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:mailman:2.1b1:*:*:*:*:*:*:*
  • Mailman/Mailmanllm-fuzzy
    Range: <=2.1.5

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.