11 matches found
PT-2025-30553 · Mailman 3 · Mailman 3
Name of the Vulnerable Software and Affected Versions: mailman3 versions prior to 3.3.10-2.1 Description: A reliance on untrusted inputs in a security decision within the logrotate configuration allows for potential escalation from mailman to root. Recommendations: Update mailman3 to version...
[SECURITY] [DSA 4970-1] postorius security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4970-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 09, 2021 https://www.debian.org/security/faq -...
GHSA-H39G-Q63V-4H9P Exposure of sensitive information to an unauthorized actor in HyperKitty
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty prior to 1.3.5. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour durin...
Exposure of sensitive information to an unauthorized actor in HyperKitty
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty prior to 1.3.5. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour durin...
[SECURITY] [DSA 4922-1] hyperkitty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4922-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2021 https://www.debian.org/security/faq -...
CVE-2021-33038
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
PYSEC-2021-77
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
An issue was discovered in management/commands/hyperkittyimport.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
CVE-2021-33038 affects HyperKitty prior to 1.3.5: when importing a private mailing-list archive via management/commands/hyperkitty_import.py, archives are publicly visible during the import, potentially exposing sensitive information. Documented in multiple advisories; affected software is HyperK...