Description
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server Improper Certificate Validation Vulnerability (CVE-2020-26184)
WordPress Plugin Site Reviews Cross-Site Scripting (5.17.2)
OpenVPN AS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9104)
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.3.3)
WordPress Plugin User Login History Multiple Cross-Site Scripting Vulnerabilities (1.5.2)