Information on source package sympa

Available versions

stretch (security)6.2.16~dfsg-3+deb9u1

Open issues

CVE-2020-9369fixedvulnerable (no DSA)fixedSympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial ...
CVE-2020-10936vulnerablevulnerablefixedSympa before 6.2.56 allows privilege escalation. ...
CVE-2018-1000671vulnerable (no DSA)fixedfixedsympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...

Resolved issues

CVE-2018-1000550The Sympa Community Sympa version prior to version 6.2.32 contains a D ...
CVE-2015-1306The newsletter posting area in the web interface in Sympa 6.0.x before ...
CVE-2012-2352The archive management (arc_manage) page in wwsympa/ in ... in sympa 5.3.4 allows local users to overwrite arbitrary file ...
CVE-2008-1648Sympa before 5.4 allows remote attackers to cause a denial of service ...
CVE-2005-0073Buffer overflow in queue.c in a support script for sympa 3.3.3, when r ...
CVE-2004-1735Cross-site scripting (XSS) vulnerability in the create list option in ...

Security announcements

DSA / DLADescription
DLA-1512-1sympa - security update
DSA-4285-1sympa - security update
DLA-1441-1sympa - security update
DLA-148-1sympa - security update
DSA-3134-1sympa - security update
DSA-2477-1sympa - authorization bypass
DSA-1600-1sympa - denial of service
DSA-677-1sympa - buffer overflow

Search for package or bug name: Reporting problems