11 matches found
PT-2025-30553 · Mailman 3 · Mailman 3
Name of the Vulnerable Software and Affected Versions: mailman3 versions prior to 3.3.10-2.1
Description: A reliance on untrusted inputs in a security decision within the logrotate configuration allows for potential escalation from mailman to root.
Recommendations: Update mailman3 to version...
[SECURITY] [DSA 4970-1] postorius security update
Debian Security Advisory DSA-4970-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 09, 2021 https://www.debian.org/security/faq -...
Exposure of sensitive information to an unauthorized actor in HyperKitty
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty prior to 1.3.5. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour durin...
GHSA-H39G-Q63V-4H9P Exposure of sensitive information to an unauthorized actor in HyperKitty
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty prior to 1.3.5. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour durin...
[SECURITY] [DSA 4922-1] hyperkitty security update
Debian Security Advisory DSA-4922-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2021 https://www.debian.org/security/faq -...
CVE-2021-33038
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
PYSEC-2021-77
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during...
CVE-2021-33038
CVE-2021-33038 affects HyperKitty prior to 1.3.5: when importing a private mailing-list archive via management/commands/hyperkitty_import.py, archives are publicly visible during the import, potentially exposing sensitive information. Documented in multiple advisories; affected software is HyperK...