Information on source package sympa

Available versions

Bug	jessie	stretch	buster	bullseye	bookworm	trixie	sid	Description
CVE-2021-46900	vulnerable	vulnerable	vulnerable (no DSA)	vulnerable (no DSA)	fixed	fixed	fixed	Sympa before 6.2.62 relies on a cookie parameter for certain security ...
CVE-2020-29668	vulnerable	fixed	fixed	fixed	fixed	fixed	fixed	Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API ...
CVE-2020-26932	vulnerable	fixed	fixed	fixed	fixed	fixed	fixed	debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg- ...
CVE-2020-26880	vulnerable	vulnerable (no DSA, postponed)	vulnerable (no DSA, postponed)	vulnerable (no DSA, postponed)	vulnerable (no DSA, postponed)	vulnerable	vulnerable	Sympa through 6.2.57b.2 allows a local privilege escalation from the s ...
CVE-2020-10936	vulnerable	fixed	fixed	fixed	fixed	fixed	fixed	Sympa before 6.2.56 allows privilege escalation.

Bug	Description
CVE-2020-9369	Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial ...
CVE-2018-1000671	sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...
CVE-2018-1000550	The Sympa Community Sympa version prior to version 6.2.32 contains a D ...
CVE-2015-1306	The newsletter posting area in the web interface in Sympa 6.0.x before ...
CVE-2012-2352	The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in ...
CVE-2008-4476	sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary file ...
CVE-2008-1648	Sympa before 5.4 allows remote attackers to cause a denial of service ...
CVE-2005-0073	Buffer overflow in queue.c in a support script for sympa 3.3.3, when r ...
CVE-2004-1735	Cross-site scripting (XSS) vulnerability in the create list option in ...