45 matches found
CVE-2021-33038
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
EUVD-2021-12219
Malware in sbrugna...
EUVD-2021-0099
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-33038
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives...
Linux Distros Unpatched Vulnerability : CVE-2021-25322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the...
OPENSUSE-SU-2024:11207-1 HyperKitty-web-1.3.4-5.2 on GA media
These are all security issues fixed in the HyperKitty-web-1.3.4-5.2 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11701-1 HyperKitty-web-1.3.5-1.1 on GA media
These are all security issues fixed in the HyperKitty-web-1.3.5-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
SUSE CVE-2021-33038
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
A vulnerability in the software that provides a web interface for accessing GNU Mailman v3 archives and interacting with HyperKitty lists allows an attacker to gain access to confidential data.
The vulnerability in the software that provides a web interface for accessing GNU Mailman v3 archives and interacting with HyperKitty lists is caused by an error during the import of private mailing list archives, which became publicly accessible. Exploiting this vulnerability could...
A vulnerability in “hyperkitty-permissions.sh” in HyperKitty, the web interface for accessing Mailman archives, allows an attacker to escalate their privileges.
The vulnerability in “hyperkitty-permissions.sh” in HyperKitty, the web interface for accessing Mailman archives, is related to the following of symbolic links. Exploiting this vulnerability can allow attackers to escalate their privileges...
CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
Design/Logic Flaw
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
UBUNTU-CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
CVE-2021-25322 python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
CVE-2021-25322
CVE-2021-25322 affects openSUSE Leap 15.2 and openSUSE Factory: python-HyperKitty, with a UNIX Symlink Following issue that could allow local privilege escalation from hyperkitty/hyperkitty-admin to root. Connected OSV data confirms a fix in HyperKitty web package: HyperKitty-web-1.3.4-5.2, indic...
CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior...
openSUSE: Security Advisory for python-HyperKitty (openSUSE-SU-2021:0861-1)
The remote host is missing an update for the...