CVE-2020-9369

Name of the Vulnerable Software and Affected Versions: Sympa versions 6.2.38 through 6.2.52

Description: The issue is related to the incorrect handling of malformed parameters, which can be exploited by remote attackers to cause a denial of service. This can result in disk consumption from temporary files and a flood of notifications to listmasters.

Recommendations: For Sympa versions 6.2.38 through 6.2.52, consider restricting access to the service to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the service with malformed parameters until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.