Information Disclosure

2021-05-2703:51:34

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.007 Low

EPSS

Percentile

80.6%

JSON

hyperkitty is vulnerable to information disclosure. The vulnerability exists as private archives are publiclyu visible during imports, leading to information disclosure.

CPENameOperatorVersion
hyperkittyle1.3.4
hyperkittyle1.3.4

CPE	Name	Operator	Version
	hyperkitty	le	1.3.4
	hyperkitty	le	1.3.4

References

gitlab.com/mailman/hyperkitty/-/commit/9025324597d60b2dff740e49b70b15589d6804fa

gitlab.com/mailman/hyperkitty/-/commit/9025324597d60b2dff740e49b70b15589d6804fa#c91e62f208b7f88e263ddc714a18056e7c190c3d_33_33

gitlab.com/mailman/hyperkitty/-/issues/380

techblog.wikimedia.org/2021/06/11/discovering-and-fixing-cve-2021-33038-in-mailman3/

www.debian.org/security/2021/dsa-4922

0.007 Low

EPSS

Percentile

80.6%

JSON

Related for VERACODE:30699