Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/moin@1.7.0
Typepypi
Namespace
Namemoin
Version1.7.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.7.1
Latest_non_vulnerable_version1.9.11
Affected_by_vulnerabilities
0
url VCID-5k2q-y419-qbcf
vulnerability_id VCID-5k2q-y419-qbcf
summary MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
references
0
reference_url http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2
1
reference_url http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2
2
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
3
reference_url http://secunia.com/advisories/39887
reference_id
reference_type
scores
url http://secunia.com/advisories/39887
4
reference_url https://github.com/moinwiki/moin
reference_id
reference_type
scores
url https://github.com/moinwiki/moin
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-13.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-13.yaml
6
reference_url https://web.archive.org/web/20140805132556/http://secunia.com/advisories/39887
reference_id
reference_type
scores
url https://web.archive.org/web/20140805132556/http://secunia.com/advisories/39887
7
reference_url https://web.archive.org/web/20200228153929/http://www.securityfocus.com/bid/35277
reference_id
reference_type
scores
url https://web.archive.org/web/20200228153929/http://www.securityfocus.com/bid/35277
8
reference_url http://ubuntu.com/usn/usn-941-1
reference_id
reference_type
scores
url http://ubuntu.com/usn/usn-941-1
9
reference_url http://www.debian.org/security/2010/dsa-2014
reference_id
reference_type
scores
url http://www.debian.org/security/2010/dsa-2014
10
reference_url http://www.securityfocus.com/bid/35277
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/35277
11
reference_url http://www.vupen.com/english/advisories/2010/0600
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0600
12
reference_url http://www.vupen.com/english/advisories/2010/1208
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/1208
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-4762
reference_id CVE-2009-4762
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2009-4762
14
reference_url https://github.com/advisories/GHSA-jj23-fj2v-m872
reference_id GHSA-jj23-fj2v-m872
reference_type
scores
url https://github.com/advisories/GHSA-jj23-fj2v-m872
fixed_packages
0
url pkg:pypi/moin@1.7.3
purl pkg:pypi/moin@1.7.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.7.3
1
url pkg:pypi/moin@1.8.3
purl pkg:pypi/moin@1.8.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.8.3
aliases CVE-2009-4762, GHSA-jj23-fj2v-m872, PYSEC-2010-13
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5k2q-y419-qbcf
1
url VCID-gjam-kx3q-qyak
vulnerability_id VCID-gjam-kx3q-qyak
summary Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url http://hg.moinmo.in/moin/1.6/rev/8686a10f1f58
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.6/rev/8686a10f1f58
1
reference_url http://hg.moinmo.in/moin/1.7/rev/383196922b03
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.7/rev/383196922b03
2
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
3
reference_url http://secunia.com/advisories/31135
reference_id
reference_type
scores
url http://secunia.com/advisories/31135
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/43899
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/43899
5
reference_url https://github.com/moinwiki/moin
reference_id
reference_type
scores
url https://github.com/moinwiki/moin
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2008-13.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2008-13.yaml
7
reference_url https://web.archive.org/web/20090522153829/http://hg.moinmo.in/moin/1.7/raw-file/1.7.1/docs/CHANGES
reference_id
reference_type
scores
url https://web.archive.org/web/20090522153829/http://hg.moinmo.in/moin/1.7/raw-file/1.7.1/docs/CHANGES
8
reference_url https://web.archive.org/web/20100207003615/http://hg.moinmo.in/moin/1.6/raw-file/1.6.4/docs/CHANGES
reference_id
reference_type
scores
url https://web.archive.org/web/20100207003615/http://hg.moinmo.in/moin/1.6/raw-file/1.6.4/docs/CHANGES
9
reference_url https://web.archive.org/web/20100608030052/http://hg.moinmo.in/moin/1.6/rev/8686a10f1f58
reference_id
reference_type
scores
url https://web.archive.org/web/20100608030052/http://hg.moinmo.in/moin/1.6/rev/8686a10f1f58
10
reference_url https://web.archive.org/web/20100608030059/http://hg.moinmo.in/moin/1.7/rev/383196922b03
reference_id
reference_type
scores
url https://web.archive.org/web/20100608030059/http://hg.moinmo.in/moin/1.7/rev/383196922b03
11
reference_url http://www.securityfocus.com/bid/30297
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/30297
12
reference_url http://www.vupen.com/english/advisories/2008/2147/references
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/2147/references
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-3381
reference_id CVE-2008-3381
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2008-3381
14
reference_url https://github.com/advisories/GHSA-q7q4-5g8p-33fq
reference_id GHSA-q7q4-5g8p-33fq
reference_type
scores
url https://github.com/advisories/GHSA-q7q4-5g8p-33fq
fixed_packages
0
url pkg:pypi/moin@1.7.1
purl pkg:pypi/moin@1.7.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.7.1
aliases CVE-2008-3381, GHSA-q7q4-5g8p-33fq, PYSEC-2008-13
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjam-kx3q-qyak
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.7.0