CVE-2021-33038

An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...

CVE-2021-33038

CVE-2021-33038 affects HyperKitty prior to 1.3.5: when importing a private mailing-list archive via management/commands/hyperkitty_import.py, archives are publicly visible during the import, potentially exposing sensitive information. Documented in multiple advisories; affected software is HyperK...

Information Exposure

An issue was discovered in in HyperKitty When importing a private mailing list's archives, these archives are publicly visible for the duration of the import...

HyperKitty 信息泄露漏洞

An information disclosure vulnerability exists in HyperKitty version 1.3.4 and prior versions that stems from when importing archives of private mailing lists that are publicly visible during the import...

PT-2021-3364 · Opensuse · Opensuse Leap

Name of the Vulnerable Software and Affected Versions: python-HyperKitty versions prior to 1.3.4-5.1 openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions Description: The issue is related to a UNIX Symbolic Link Symlink Following vulnerability in python-HyperKitty,...