CVE-2021-44227

Опубликовано: 02 дек. 2021

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

CVSS3: 8.8

Описание

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

Релиз	Статус	Примечание
bionic	released	1:2.1.26-1ubuntu0.6
esm-apps/focal	released	1:2.1.29-1ubuntu3.1+esm2
esm-infra/bionic	released	1:2.1.26-1ubuntu0.6
esm-infra/xenial	released	1:2.1.20-1ubuntu0.6+esm3
focal	ignored	end of standard support, was needed
trusty	ignored	end of standard support
upstream	released	2.1.38
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 57%

0.00344

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2021-44227

CVSS3: 8

redhat

больше 4 лет назад

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

CVE-2021-44227

CVSS3: 8.8

nvd

больше 4 лет назад

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

CVE-2021-44227

CVSS3: 8.8

debian

больше 4 лет назад

In GNU Mailman before 2.1.38, a list member or moderator can get a CSR ...

RLSA-2021:4916

rocky

больше 4 лет назад

Important: mailman:2.1 security update

GHSA-xq58-69h2-765m

CVSS3: 8.8

github

больше 4 лет назад

Cross Site Request Forgery in mailman

EPSS

Процентиль: 57%

0.00344

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2021-44227

Описание

Пакет mailman

Ссылки на источники

Связанные уязвимости