- Vulnerability/
- USN-3563-1
USN-3563-1: Mailman vulnerability
First published: Thu Feb 08 2018(Updated: )
It was discovered that Mailman incorrectly handled certain web scripts. An attacker could possibly use this to inject arbitrary code.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/mailman | <1:2.1.23-1ubuntu0.2 | 1:2.1.23-1ubuntu0.2 |
| =17.10 | ||
| All of | ||
| ubuntu/mailman | <1:2.1.20-1ubuntu0.3 | 1:2.1.20-1ubuntu0.3 |
| =16.04 | ||
| All of | ||
| ubuntu/mailman | <1:2.1.16-2ubuntu0.5 | 1:2.1.16-2ubuntu0.5 |
| =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Mailman vulnerability?
The vulnerability ID for this Mailman vulnerability is USN-3563-1.
What is the impact of this vulnerability?
This vulnerability could allow an attacker to inject arbitrary code.
Which versions of Mailman are affected?
The following versions of Mailman are affected: 1:2.1.23-1ubuntu0.2, 1:2.1.20-1ubuntu0.3, and 1:2.1.16-2ubuntu0.5.
How can I fix this vulnerability?
To fix this vulnerability, update Mailman to the appropriate version mentioned in the Ubuntu security advisory.
Where can I find more information about this vulnerability?
More information about this vulnerability can be found in the Ubuntu security advisory: https://ubuntu.com/security/CVE-2018-5950
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/17.10
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04