CVE-2021-33038 - Debian Debian Linux and Hyperkitty Project Hyperkitty

Critical 7.5

An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4. When importing a private mailing list's archives, these archives are publicly visible for the duration of the import. For example, sensitive information might be available on the web for an hour during a large migration from Mailman 2 to Mailman 3.

Affected software

Debian Debian Linux

Hyperkitty Project Hyperkitty

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.