Information on source package sympa

Available versions


Open issues

CVE-2021-46900 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Sympa before 6.2.62 relies on a cookie parameter for certain security ...
CVE-2020-26880 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | Sympa through 6.2.57b.2 allows a local privilege escalation from the s ...

Resolved issues

CVE-2020-29668 | Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API ...
CVE-2020-26932 | debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg- ...
CVE-2020-10936 | Sympa before 6.2.56 allows privilege escalation.
CVE-2020-9369 | Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial ...
CVE-2018-1000671 | sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...
CVE-2018-1000550 | The Sympa Community Sympa version prior to version 6.2.32 contains a D ...
CVE-2015-1306 | The newsletter posting area in the web interface in Sympa 6.0.x before ...
CVE-2012-2352 | The archive management (arc_manage) page in wwsympa/ in ... in sympa 5.3.4 allows local users to overwrite arbitrary file ...
CVE-2008-1648 | Sympa before 5.4 allows remote attackers to cause a denial of service ...
CVE-2005-0073 | Buffer overflow in queue.c in a support script for sympa 3.3.3, when r ...
CVE-2004-1735 | Cross-site scripting (XSS) vulnerability in the create list option in ...

Security announcements

DSA / DLA | Description
DSA-4818-1 | sympa - security update
DLA-2499-1 | sympa - security update
DLA-2441-1 | sympa - security update
DLA-2401-1 | sympa - security update
DLA-1512-1 | sympa - security update
DSA-4285-1 | sympa - security update
DLA-1441-1 | sympa - security update
DLA-148-1 | sympa - security update
DSA-3134-1 | sympa - security update
DSA-2477-1 | sympa - authorization bypass
DSA-1600-1 | sympa - denial of service
DSA-677-1 | sympa - buffer overflow

