CVE-2020-12108
published 2020-05-06CVE-2020-12108: /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| gnu | mailman | < 2.1.31 | 2.1.31 |
| gnu | mailman | >= 0 < 1:2.1.20-1ubuntu0.5 | 1:2.1.20-1ubuntu0.5 |
| gnu | mailman | >= 0 < 1:2.1.26-1ubuntu0.2 | 1:2.1.26-1ubuntu0.2 |
| gnu | mailman | >= 0 < 1:2.1.29-1ubuntu3.1 | 1:2.1.29-1ubuntu3.1 |
| opensuse | backports_sle | — | — |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
osv6.5MEDIUM