Lucene search
Veracode Vulnerability DatabaseVERACODE:22858HistoryApr 01, 2020 - 12:38 a.m.
URL Mishandling
2020-04-0100:38:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
EPSS
0.002
Percentile
52.7%
Mailman is vulnerable to URL mishandling. The Utils.py:GetPathPieces() allows attackers to display arbitrary text on trusted sites since it does not correctly handle the URL.
References
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1054
access.redhat.com/security/updates/classification/#moderate
bugs.launchpad.net/mailman/+bug/1780874
lists.debian.org/debian-lts-announce/2018/07/msg00034.html
security.gentoo.org/glsa/201904-10
usn.ubuntu.com/4348-1/
www.mail-archive.com/[email protected]/msg71003.html
Related
mageia
mageia
Updated mailman packages fix security vulnerability
2018-09-21 19:26:22
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0383)
2022-01-28 00:00:00
openSUSE: Security Advisory for mailman (openSUSE-SU-2018:2309-1)
2018-08-14 00:00:00
Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2020-2291)
2020-10-30 00:00:00
nessus
nessus
FreeBSD : mailman -- arbitrary content injection vulnerability via options or private archive login pages (88760f4d-8ef7-11ea-a66d-4b2ef158be83)
2020-05-07 00:00:00
openSUSE Security Update : mailman (openSUSE-2019-556)
2019-03-27 00:00:00
EulerOS 2.0 SP5 : mailman (EulerOS-SA-2020-2291)
2020-10-30 00:00:00
freebsd
freebsd
fedora
fedora
[SECURITY] Fedora 28 Update: mailman-2.1.29-1.fc28
2018-08-07 01:19:36
nvd
nvd
CVE-2018-13796
2018-07-12 18:29:00
debian
debian
[SECURITY] [DLA 1442-2] mailman regression update
2018-07-27 05:54:23
[SECURITY] [DLA 1442-1] mailman security update
2018-07-24 21:22:21
osv
osv
Moderate severity vulnerability that affects mailman
2018-09-11 18:57:16
mailman - security update
2018-07-24 00:00:00
ubuntucve
ubuntucve
CVE-2018-13796
2018-07-12 00:00:00
github
github
Moderate severity vulnerability that affects mailman
2018-09-11 18:57:16
cve
cve
CVE-2018-13796
2018-07-12 18:29:00
prion
prion
Design/Logic Flaw
2018-07-12 18:29:00
suse
suse
Security update for mailman (moderate)
2018-08-13 15:08:02
debiancve
debiancve
CVE-2018-13796
2018-07-12 18:29:00
cvelist
cvelist
CVE-2018-13796
2018-07-12 18:00:00
redhatcve
redhatcve
CVE-2018-13796
2018-07-27 02:18:43
oraclelinux
oraclelinux
mailman security and bug fix update
2020-04-06 00:00:00
gentoo
gentoo
Mailman: Multiple vulnerabilities
2019-04-08 00:00:00
amazon
amazon
Medium: mailman
2020-10-22 18:27:00
Medium: mailman
2020-07-14 01:54:00
centos
centos
mailman security update
2020-04-08 18:45:57
redhat
redhat
(RHSA-2020:1054) Moderate: mailman security and bug fix update
2020-03-31 09:13:11
altlinux
altlinux
Security fix for the ALT Linux 9 package mailman version 5:2.1.29-alt1
2019-01-06 00:00:00
ubuntu
ubuntu
Mailman vulnerabilities
2020-04-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1913
2021-07-02 17:27:17