Release | Version |
---|---|
jessie | 6.1.23~dfsg-2+deb8u3 |
stretch | 6.2.16~dfsg-3+deb9u5 |
buster | 6.2.40~dfsg-1+deb10u1 |
bullseye | 6.2.60~dfsg-4 |
bookworm | 6.2.70~dfsg-2 |
trixie | 6.2.72~dfsg-1 |
sid | 6.2.72~dfsg-1 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2024-55919 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Improper input validation on generic SSO login |
CVE-2021-46900 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Sympa before 6.2.62 relies on a cookie parameter for certain security ... |
CVE-2020-29668 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API ... |
CVE-2020-26932 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg- ... |
CVE-2020-26880 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | Sympa through 6.2.57b.2 allows a local privilege escalation from the s ... |
CVE-2020-10936 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Sympa before 6.2.56 allows privilege escalation. |
Bug | Description |
---|---|
CVE-2020-9369 | Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial ... |
CVE-2018-1000671 | sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ... |
CVE-2018-1000550 | The Sympa Community Sympa version prior to version 6.2.32 contains a D ... |
CVE-2015-1306 | The newsletter posting area in the web interface in Sympa 6.0.x before ... |
CVE-2012-2352 | The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in ... |
CVE-2008-4476 | sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary file ... |
CVE-2008-1648 | Sympa before 5.4 allows remote attackers to cause a denial of service ... |
CVE-2005-0073 | Buffer overflow in queue.c in a support script for sympa 3.3.3, when r ... |
CVE-2004-1735 | Cross-site scripting (XSS) vulnerability in the create list option in ... |
DSA / DLA | Description |
---|---|
DSA-4818-1 | sympa - security update |
DLA-2499-1 | sympa - security update |
DLA-2441-1 | sympa - security update |
DLA-2401-1 | sympa - security update |
DLA-1512-1 | sympa - security update |
DSA-4285-1 | sympa - security update |
DLA-1441-1 | sympa - security update |
DLA-148-1 | sympa - security update |
DSA-3134-1 | sympa - security update |
DSA-2477-1 | sympa - authorization bypass |
DSA-1600-1 | sympa - denial of service |
DSA-677-1 | sympa - buffer overflow |