pkg:Debian/sympa
28 total CVEsCRITICAL3HIGH6MEDIUM4LOW2
✅ Check your installed version
All known vulnerabilities
- from 0, < 6.2.16~dfsg-3+deb9u1
- from 0, < 6.1.23~dfsg-2+deb8u2
- from 0, < 6.2.32~dfsg-1
- HIGH7.8CVE-2020-26880Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf con…from 0, < 6.2.60~dfsg-2
- from 0, < 6.2.16~dfsg-3+deb9u3
- from 0, < 6.2.40~dfsg-1+deb10u1
- from 0, < 6.2.40~dfsg-5
- HIGH7.5CVE-2021-46900Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an…from 0
- HIGH7.5CVE-2020-9369Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of not…from 0, < 6.2.40~dfsg-4
- from 0, < 6.1.23~dfsg-2+deb8u3
- from 0, < 6.2.36~dfsg-1
- from 0, < 6.2.16~dfsg-3+deb9u4
- MEDIUM4.3CVE-2020-26932debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended p…from 0, < 6.2.40~dfsg-7
- from 0, < 6.2.58~dfsg-2
- from 0, < 6.2.16~dfsg-3+deb9u5
- from 0, < 6.1.11~dfsg-5+deb7u2
- from 0, < 6.1.23~dfsg-2
- from 0, < 6.0.1+dfsg-4+squeeze3
- from 0, < 6.0.1+dfsg-4+squeeze1
- from 0, < 6.1.11~dfsg-1
- —CVE-2008-4476sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file.from 0, < 5.3.4-5.1
- from 0, < 5.2.3-1.2+etch1
- from 0, < 5.3.4-4
- from 0, < 4.1.2-2.1
- from 0, < 3.3.3-3woody2
- —CVE-2004-1735Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject a…from 0, < 4.1.5-4
- from 0, < 6.2.60~dfsg-4+deb11u1
- from 0, < 6.2.60~dfsg-4+deb11u1