CVE-2021-44227

Опубликовано: 02 дек. 2021

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

CVSS3: 8.8

Описание

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

Релиз	Статус	Примечание
bionic	released	1:2.1.26-1ubuntu0.6
esm-apps/focal	needed
esm-infra/bionic	not-affected	1:2.1.26-1ubuntu0.6
esm-infra/xenial	needed
focal	ignored	end of standard support, was needed
trusty	ignored	end of standard support
upstream	needs-triage
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 56%

0.00339

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2021-44227

CVSS3: 8

redhat

больше 3 лет назад

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

CVE-2021-44227

CVSS3: 8.8

nvd

больше 3 лет назад

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

CVE-2021-44227

CVSS3: 8.8

debian

больше 3 лет назад

In GNU Mailman before 2.1.38, a list member or moderator can get a CSR ...

RLSA-2021:4916

rocky

больше 3 лет назад

Important: mailman:2.1 security update

GHSA-xq58-69h2-765m

CVSS3: 8.8

github

больше 3 лет назад

Cross Site Request Forgery in mailman

EPSS

Процентиль: 56%

0.00339

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2021-44227

Описание

Пакет mailman

Ссылки на источники

Связанные уязвимости