rpm package
suse/mailman&distro=HPE Helion OpenStack 8
pkg:rpm/suse/mailman&distro=HPE%20Helion%20OpenStack%208
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-44227 | — | | | < 2.1.17-3.26.1 | 2.1.17-3.26.1 | Dec 2, 2021 | In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. |
| CVE-2021-43332 | — | | | < 2.1.17-3.26.1 | 2.1.17-3.26.1 | Nov 12, 2021 | In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack. |
| CVE-2021-43331 | — | | | < 2.1.17-3.26.1 | 2.1.17-3.26.1 | Nov 12, 2021 | In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. |
| CVE-2021-42096 | — | | | < 2.1.17-3.26.1 | 2.1.17-3.26.1 | Oct 21, 2021 | GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. |
| CVE-2020-15011 | — | | | < 2.1.17-3.23.1 | 2.1.17-3.23.1 | Jun 24, 2020 | GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. |
| CVE-2020-12108 | — | | | < 2.1.17-3.20.1 | 2.1.17-3.20.1 | May 6, 2020 | /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. |
| CVE-2020-12137 | — | | | < 2.1.17-3.20.1 | 2.1.17-3.20.1 | Apr 24, 2020 | GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform |
| CVE-2019-3693 | — | | | < 2.1.17-3.11.1 | 2.1.17-3.11.1 | Jan 24, 2020 | A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to gr |