FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0d6efbe3-52d9-11ec-9472-e3667ed6088emailman < 2.1.38 -- CSRF vulnerability of list mod or member against list admin page

Mark Sapiro reports:

A list moderator or list member can potentially carry out a CSRF attack by getting a list admin to visit a crafted web page.


Discovery 2021-11-25
Entry 2021-12-01
mailman
< 2.1.38

mailman-exim4
< 2.1.38

mailman-exim4-with-htdig
< 2.1.38

mailman-postfix
< 2.1.38

mailman-postfix-with-htdig
< 2.1.38

mailman-with-htdig
< 2.1.38

CVE-2021-44227
https://bugs.launchpad.net/mailman/+bug/1952384
https://www.mail-archive.com/mailman-users@python.org/msg73979.html