GHSA-hj4h-vqpq-95wg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-hj4h-vqpq-95wg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-hj4h-vqpq-95wg/GHSA-hj4h-vqpq-95wg.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-hj4h-vqpq-95wg
- Aliases
-
- CVE-2004-0412
- Published
- 2022-04-29T02:57:41Z
- Modified
- 2024-11-28T05:29:05.188158Z
- Summary
- Mailman Sensitive Information Disclosure
- Details
-
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
- Database specific
{ "github_reviewed_at": "2023-09-18T22:51:49Z", "cwe_ids": [ "CWE-200" ], "nvd_published_at": "2004-08-18T04:00:00Z", "severity": "MODERATE", "github_reviewed": true }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2004-0412
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123559
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16256
- https://gitlab.com/mailman
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842
- http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html
- http://marc.info/?l=bugtraq&m=109034869927955&w=2
- http://secunia.com/advisories/11701
- http://security.gentoo.org/glsa/glsa-200406-04.xml
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:051
- http://www.securityfocus.com/bid/10412
Affected packages
PyPI / mailman
Package
- Name
- mailman
- View open source insights on deps.dev
- Purl
- pkg:pypi/mailman