Количество 15
Количество 15
openSUSE-SU-2021:1436-1
Security update for mailman
RLSA-2021:4826
Important: mailman:2.1 security update
ELSA-2021-4826
ELSA-2021-4826: mailman:2.1 security update (IMPORTANT)
CVE-2021-42097
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
CVE-2021-42097
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
CVE-2021-42097
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
CVE-2021-42097
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csr ...
CVE-2021-42096
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
CVE-2021-42096
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
CVE-2021-42096
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
CVE-2021-42096
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A cer ...
GHSA-vj65-f4hc-r425
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
GHSA-c875-cgwj-4fjw
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
ELSA-2021-4913
ELSA-2021-4913: mailman security update (IMPORTANT)
SUSE-SU-2022:1886-1
Security update for mailman
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | openSUSE-SU-2021:1436-1 Security update for mailman | больше 3 лет назад | ||
 | RLSA-2021:4826 Important: mailman:2.1 security update | больше 3 лет назад | ||
| ELSA-2021-4826 ELSA-2021-4826: mailman:2.1 security update (IMPORTANT) | больше 3 лет назад | ||
 | CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | CVSS3: 8 | 1% Низкий | больше 3 лет назад |
 | CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | CVSS3: 8 | 1% Низкий | больше 3 лет назад |
 | CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | CVSS3: 8 | 1% Низкий | больше 3 лет назад |
| CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csr ... | CVSS3: 8 | 1% Низкий | больше 3 лет назад |
| CVE-2021-42096 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2021-42096 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2021-42096 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2021-42096 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A cer ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-vj65-f4hc-r425 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | 1% Низкий | около 3 лет назад | |
| GHSA-c875-cgwj-4fjw GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. | 0% Низкий | около 3 лет назад | |
| ELSA-2021-4913 ELSA-2021-4913: mailman security update (IMPORTANT) | больше 3 лет назад | ||
| SUSE-SU-2022:1886-1 Security update for mailman | около 3 лет назад |
Уязвимостей на страницу