exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-43919

10 месяцев назад

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.

CVSS3: 5.8

EPSS: Низкий

CVE-2025-43919

10 месяцев назад

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.

CVSS3: 5.8

EPSS: Низкий

CVE-2025-43919

10 месяцев назад

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthentic ...

CVSS3: 5.8

EPSS: Низкий

GHSA-56r4-vj3r-h3vv

10 месяцев назад

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter.

CVSS3: 5.8

EPSS: Низкий

BDU:2026-00163

10 месяцев назад

Уязвимость пакета управления рассылками электронных писем GNU Mailman, связанная с возможностью обхода каталога с ограниченным доступом, позволяющая нарушителю раскрыть защищаемую информацию

CVSS3: 5.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-43919 GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.	CVSS3: 5.8	0% Низкий	10 месяцев назад
CVE-2025-43919 GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.	CVSS3: 5.8	0% Низкий	10 месяцев назад
CVE-2025-43919 GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthentic ...	CVSS3: 5.8	0% Низкий	10 месяцев назад
GHSA-56r4-vj3r-h3vv GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter.	CVSS3: 5.8	0% Низкий	10 месяцев назад
BDU:2026-00163 Уязвимость пакета управления рассылками электронных писем GNU Mailman, связанная с возможностью обхода каталога с ограниченным доступом, позволяющая нарушителю раскрыть защищаемую информацию	CVSS3: 5.8	0% Низкий	10 месяцев назад

Уязвимостей на страницу