330 matches found
[SECURITY] Fedora 41 Update: sympa-6.2.74-1.fc41
Sympa is scalable and highly customizable mailing list manager. It can cope with big lists 200,000 subscribers and comes with a complete user and admin Web interface. It is internationalized, and supports the us, fr, de, es, it, fi, and chinese locales. A scripting language allows you to extend t...
Fedora 41 : sympa (2024-88ad2bee84)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-88ad2bee84 advisory. - Update to 6.2.74, fix for CVE-2024-55919 - Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74 Tenable has extracted the preceding...
[SECURITY] Fedora 40 Update: sympa-6.2.74-1.fc40
Sympa is scalable and highly customizable mailing list manager. It can cope with big lists 200,000 subscribers and comes with a complete user and admin Web interface. It is internationalized, and supports the us, fr, de, es, it, fi, and chinese locales. A scripting language allows you to extend t...
Fedora: Security Advisory (FEDORA-2024-14c006b8bb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : sympa (2024-14c006b8bb)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-14c006b8bb advisory. - Update to 6.2.74, fix for CVE-2024-55919 - Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74 Tenable has extracted the preceding...
Mageia: Security Advisory (MGASA-2024-0052)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2024-0052 Updated sympa packages fix security vulnerabilities
Sympa 6.2.72 fixes many bugs, including the security one related in CVE-2021-32850 It is required to manually run sympa upgrade after get this update...
Updated sympa packages fix security vulnerabilities
Sympa 6.2.72 fixes many bugs, including the security one related in CVE-2021-32850 It is required to manually run sympa upgrade after get this update...
Cross Site Scripting(XSS)
sympa:sid is vulnerable to cross-site scripting. The vulnerability due to Inappropriate use of the cookie parameter is both a salt for stored passwords. It leads to XSS due to parameter may also not provide sufficient security...
CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
DEBIAN-CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
UBUNTU-CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
Cross site scripting
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
Sympa Security Vulnerabilities
Sympa is an open source email management list software from the Sympa community. The software supports email management, authentication and access control. A security vulnerability exists in versions prior to Sympa 6.2.62, which stems from improper use of the cookie parameter, resulting in a...
CVE-2021-46900
Sympa (open source mail list software) is affected by CVE-2021-46900 in versions before 6.2.62. The vulnerability arises from using a cookie parameter as both a salt for stored passwords and an XSS protection mechanism, without ensuring the parameter exists or has an unpredictable value. Reported...
CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
CVE-2021-46900
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Sympa vulnerabilities (USN-4442-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4442-2 advisory. USN-4442-1 fixed vulnerabilities in Sympa. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM...