CVE-2021-42096 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Private key recovery |
Description | GNU Mailman before 2.1.35 may allow remote privilege escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2485 | mailman | 2.1.34-2 | 2.1.35-1 | Medium | Fixed |