Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/moin@1.8.7
Typepypi
Namespace
Namemoin
Version1.8.7
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.8.8
Latest_non_vulnerable_version1.9.11
Affected_by_vulnerabilities
0
url VCID-1fak-dar5-tuet
vulnerability_id VCID-1fak-dar5-tuet
summary Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code.
references
0
reference_url http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f
1
reference_url http://moinmo.in/MoinMoinRelease1.9
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinRelease1.9
2
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
3
reference_url https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599
reference_id
reference_type
scores
url https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599
4
reference_url http://secunia.com/advisories/51696
reference_id
reference_type
scores
url http://secunia.com/advisories/51696
5
reference_url http://ubuntu.com/usn/usn-1680-1
reference_id
reference_type
scores
url http://ubuntu.com/usn/usn-1680-1
6
reference_url http://www.debian.org/security/2012/dsa-2593
reference_id
reference_type
scores
url http://www.debian.org/security/2012/dsa-2593
7
reference_url http://www.openwall.com/lists/oss-security/2012/12/29/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/12/29/6
8
reference_url http://www.openwall.com/lists/oss-security/2012/12/30/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/12/30/4
fixed_packages
0
url pkg:pypi/moin@1.9.6
purl pkg:pypi/moin@1.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kv8-4wn6-yydy
1
vulnerability VCID-2yaq-3m4p-q3bu
2
vulnerability VCID-4fn8-ab2r-23dk
3
vulnerability VCID-5hn2-1bvq-jfdh
4
vulnerability VCID-kjqq-u9hy-5yda
5
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.6
aliases CVE-2012-6495, PYSEC-2013-7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fak-dar5-tuet
1
url VCID-1kv8-4wn6-yydy
vulnerability_id VCID-1kv8-4wn6-yydy
summary MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via page name) component.
references
0
reference_url https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
reference_id
reference_type
scores
url https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
1
reference_url http://www.debian.org/security/2016/dsa-3715
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3715
2
reference_url http://www.securityfocus.com/bid/94259
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94259
3
reference_url http://www.ubuntu.com/usn/USN-3137-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3137-1
fixed_packages
0
url pkg:pypi/moin@1.9.9
purl pkg:pypi/moin@1.9.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yaq-3m4p-q3bu
1
vulnerability VCID-4fn8-ab2r-23dk
2
vulnerability VCID-kjqq-u9hy-5yda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.9
aliases CVE-2016-7146, PYSEC-2016-30
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kv8-4wn6-yydy
2
url VCID-2yaq-3m4p-q3bu
vulnerability_id VCID-2yaq-3m4p-q3bu
summary MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrade to a patched version. MoinMoin Wiki 1.9.11 has the necessary fixes and also contains other important fixes.
references
0
reference_url https://advisory.checkmarx.net/advisory/CX-2020-4285
reference_id
reference_type
scores
url https://advisory.checkmarx.net/advisory/CX-2020-4285
1
reference_url https://github.com/moinwiki/moin-1.9/commit/31de9139d0aabc171e94032168399b4a0b2a88a2
reference_id
reference_type
scores
url https://github.com/moinwiki/moin-1.9/commit/31de9139d0aabc171e94032168399b4a0b2a88a2
2
reference_url https://github.com/moinwiki/moin-1.9/releases/tag/1.9.11
reference_id
reference_type
scores
url https://github.com/moinwiki/moin-1.9/releases/tag/1.9.11
3
reference_url https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-4q96-6xhq-ff43
reference_id
reference_type
scores
url https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-4q96-6xhq-ff43
fixed_packages
0
url pkg:pypi/moin@1.9.11
purl pkg:pypi/moin@1.9.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.11
aliases CVE-2020-15275, GHSA-4q96-6xhq-ff43, PYSEC-2020-241
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yaq-3m4p-q3bu
3
url VCID-3z75-azrr-2qac
vulnerability_id VCID-3z75-azrr-2qac
summary Cross-site scripting (XSS) vulnerability in the rsslink function in theme/__init__.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link.
references
0
reference_url http://hg.moinmo.in/moin/1.9/rev/c98ec456e493
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.9/rev/c98ec456e493
1
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
2
reference_url http://secunia.com/advisories/51663
reference_id
reference_type
scores
url http://secunia.com/advisories/51663
3
reference_url http://www.openwall.com/lists/oss-security/2012/12/29/7
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/12/29/7
4
reference_url http://www.openwall.com/lists/oss-security/2012/12/30/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/12/30/5
5
reference_url http://www.securityfocus.com/bid/57089
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/57089
fixed_packages
0
url pkg:pypi/moin@1.9.6
purl pkg:pypi/moin@1.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kv8-4wn6-yydy
1
vulnerability VCID-2yaq-3m4p-q3bu
2
vulnerability VCID-4fn8-ab2r-23dk
3
vulnerability VCID-5hn2-1bvq-jfdh
4
vulnerability VCID-kjqq-u9hy-5yda
5
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.6
aliases CVE-2012-6082, PYSEC-2013-23
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3z75-azrr-2qac
4
url VCID-4fn8-ab2r-23dk
vulnerability_id VCID-4fn8-ab2r-23dk
summary Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00024.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00024.html
1
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
2
reference_url https://github.com/advisories/GHSA-42fp-4hm3-j8r7
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-42fp-4hm3-j8r7
3
reference_url https://github.com/moinwiki/moin-1.9
reference_id
reference_type
scores
url https://github.com/moinwiki/moin-1.9
4
reference_url https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024
reference_id
reference_type
scores
url https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2018-47.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2018-47.yaml
6
reference_url https://lists.debian.org/debian-lts-announce/2018/10/msg00007.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/10/msg00007.html
7
reference_url https://usn.ubuntu.com/3794-1
reference_id
reference_type
scores
url https://usn.ubuntu.com/3794-1
8
reference_url https://usn.ubuntu.com/3794-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3794-1/
9
reference_url https://www.debian.org/security/2018/dsa-4318
reference_id
reference_type
scores
url https://www.debian.org/security/2018/dsa-4318
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5934
reference_id CVE-2017-5934
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-5934
fixed_packages
0
url pkg:pypi/moin@1.9.10
purl pkg:pypi/moin@1.9.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yaq-3m4p-q3bu
1
vulnerability VCID-kjqq-u9hy-5yda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.10
aliases CVE-2017-5934, GHSA-42fp-4hm3-j8r7, PYSEC-2018-47
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4fn8-ab2r-23dk
5
url VCID-4q2t-yhg6-k3dg
vulnerability_id VCID-4q2t-yhg6-k3dg
summary Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as exploited in the wild in July 2012.
references
0
reference_url http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f
1
reference_url http://moinmo.in/MoinMoinRelease1.9
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinRelease1.9
2
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
3
reference_url https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599
reference_id
reference_type
scores
url https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599
4
reference_url http://secunia.com/advisories/51663
reference_id
reference_type
scores
url http://secunia.com/advisories/51663
5
reference_url http://secunia.com/advisories/51676
reference_id
reference_type
scores
url http://secunia.com/advisories/51676
6
reference_url http://secunia.com/advisories/51696
reference_id
reference_type
scores
url http://secunia.com/advisories/51696
7
reference_url https://github.com/moinwiki/moin
reference_id
reference_type
scores
url https://github.com/moinwiki/moin
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-6.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-6.yaml
9
reference_url https://web.archive.org/web/20200228165146/http://www.securityfocus.com/bid/57082
reference_id
reference_type
scores
url https://web.archive.org/web/20200228165146/http://www.securityfocus.com/bid/57082
10
reference_url http://ubuntu.com/usn/usn-1680-1
reference_id
reference_type
scores
url http://ubuntu.com/usn/usn-1680-1
11
reference_url http://www.debian.org/security/2012/dsa-2593
reference_id
reference_type
scores
url http://www.debian.org/security/2012/dsa-2593
12
reference_url http://www.exploit-db.com/exploits/25304
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/25304
13
reference_url http://www.openwall.com/lists/oss-security/2012/12/29/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/12/29/6
14
reference_url http://www.openwall.com/lists/oss-security/2012/12/30/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/12/30/4
15
reference_url http://www.securityfocus.com/bid/57082
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/57082
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6081
reference_id CVE-2012-6081
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2012-6081
17
reference_url https://github.com/advisories/GHSA-m2c4-jgmm-fvq3
reference_id GHSA-m2c4-jgmm-fvq3
reference_type
scores
url https://github.com/advisories/GHSA-m2c4-jgmm-fvq3
fixed_packages
0
url pkg:pypi/moin@1.9.6
purl pkg:pypi/moin@1.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kv8-4wn6-yydy
1
vulnerability VCID-2yaq-3m4p-q3bu
2
vulnerability VCID-4fn8-ab2r-23dk
3
vulnerability VCID-5hn2-1bvq-jfdh
4
vulnerability VCID-kjqq-u9hy-5yda
5
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.6
aliases CVE-2012-6081, GHSA-m2c4-jgmm-fvq3, PYSEC-2013-6
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4q2t-yhg6-k3dg
6
url VCID-5hn2-1bvq-jfdh
vulnerability_id VCID-5hn2-1bvq-jfdh
summary MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
references
0
reference_url https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
reference_id
reference_type
scores
url https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
1
reference_url http://www.debian.org/security/2016/dsa-3715
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3715
2
reference_url http://www.securityfocus.com/bid/94259
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94259
3
reference_url http://www.ubuntu.com/usn/USN-3137-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3137-1
fixed_packages
0
url pkg:pypi/moin@1.9.9
purl pkg:pypi/moin@1.9.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yaq-3m4p-q3bu
1
vulnerability VCID-4fn8-ab2r-23dk
2
vulnerability VCID-kjqq-u9hy-5yda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.9
aliases CVE-2016-7148, PYSEC-2016-31
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hn2-1bvq-jfdh
7
url VCID-8xsp-chsd-cfhp
vulnerability_id VCID-8xsp-chsd-cfhp
summary Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995
1
reference_url http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038490.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038490.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038574.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038574.html
4
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038706.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038706.html
5
reference_url https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022
reference_id
reference_type
scores
url https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=578801
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=578801
7
reference_url http://secunia.com/advisories/39188
reference_id
reference_type
scores
url http://secunia.com/advisories/39188
8
reference_url http://secunia.com/advisories/39190
reference_id
reference_type
scores
url http://secunia.com/advisories/39190
9
reference_url http://secunia.com/advisories/39267
reference_id
reference_type
scores
url http://secunia.com/advisories/39267
10
reference_url http://secunia.com/advisories/39284
reference_id
reference_type
scores
url http://secunia.com/advisories/39284
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/57435
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/57435
12
reference_url https://github.com/moinwiki/moin
reference_id
reference_type
scores
url https://github.com/moinwiki/moin
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-28.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-28.yaml
14
reference_url https://web.archive.org/web/20151017002542/http://secunia.com/advisories/39284
reference_id
reference_type
scores
url https://web.archive.org/web/20151017002542/http://secunia.com/advisories/39284
15
reference_url https://web.archive.org/web/20151017033127/http://secunia.com/advisories/39267
reference_id
reference_type
scores
url https://web.archive.org/web/20151017033127/http://secunia.com/advisories/39267
16
reference_url https://web.archive.org/web/20151017033557/http://secunia.com/advisories/39190
reference_id
reference_type
scores
url https://web.archive.org/web/20151017033557/http://secunia.com/advisories/39190
17
reference_url https://web.archive.org/web/20151104183344/http://secunia.com/advisories/39188
reference_id
reference_type
scores
url https://web.archive.org/web/20151104183344/http://secunia.com/advisories/39188
18
reference_url https://web.archive.org/web/20200228163431/http://www.securityfocus.com/bid/39110
reference_id
reference_type
scores
url https://web.archive.org/web/20200228163431/http://www.securityfocus.com/bid/39110
19
reference_url https://web.archive.org/web/20200228163432/http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca
reference_id
reference_type
scores
url https://web.archive.org/web/20200228163432/http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca
20
reference_url https://web.archive.org/web/20220927220946/http://hg.moinmo.in/moin/1.9/rev/689e2b04bd4d
reference_id
reference_type
scores
url https://web.archive.org/web/20220927220946/http://hg.moinmo.in/moin/1.9/rev/689e2b04bd4d
21
reference_url https://web.archive.org/web/20221003055226/http://hg.moinmo.in/moin/1.9/rev/788131dd21c3
reference_id
reference_type
scores
url https://web.archive.org/web/20221003055226/http://hg.moinmo.in/moin/1.9/rev/788131dd21c3
22
reference_url https://web.archive.org/web/20221025223621/http://hg.moinmo.in/moin/1.8
reference_id
reference_type
scores
url https://web.archive.org/web/20221025223621/http://hg.moinmo.in/moin/1.8
23
reference_url https://www.debian.org/security/2010/dsa-2024
reference_id
reference_type
scores
url https://www.debian.org/security/2010/dsa-2024
24
reference_url https://www.ubuntu.com/usn/USN-925-1
reference_id
reference_type
scores
url https://www.ubuntu.com/usn/USN-925-1
25
reference_url http://www.debian.org/security/2010/dsa-2024
reference_id
reference_type
scores
url http://www.debian.org/security/2010/dsa-2024
26
reference_url http://www.securityfocus.com/bid/39110
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/39110
27
reference_url http://www.ubuntu.com/usn/USN-925-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-925-1
28
reference_url http://www.vupen.com/english/advisories/2010/0767
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0767
29
reference_url http://www.vupen.com/english/advisories/2010/0831
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0831
30
reference_url http://www.vupen.com/english/advisories/2010/0834
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0834
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-0828
reference_id CVE-2010-0828
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2010-0828
32
reference_url https://github.com/advisories/GHSA-fc72-v54c-x9jg
reference_id GHSA-fc72-v54c-x9jg
reference_type
scores
url https://github.com/advisories/GHSA-fc72-v54c-x9jg
fixed_packages
0
url pkg:pypi/moin@1.8.8
purl pkg:pypi/moin@1.8.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.8.8
1
url pkg:pypi/moin@1.9.3
purl pkg:pypi/moin@1.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5hn2-1bvq-jfdh
7
vulnerability VCID-h1wf-35g5-5ucz
8
vulnerability VCID-kjqq-u9hy-5yda
9
vulnerability VCID-qgm9-pnrw-p3ak
10
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3
aliases CVE-2010-0828, GHSA-fc72-v54c-x9jg, PYSEC-2010-28
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xsp-chsd-cfhp
8
url VCID-9ck2-p7hx-4qex
vulnerability_id VCID-9ck2-p7hx-4qex
summary Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809
1
reference_url http://hg.moinmo.in/moin/1.7/rev/37306fba2189
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.7/rev/37306fba2189
2
reference_url http://hg.moinmo.in/moin/1.8/raw-file/1.8.8/docs/CHANGES
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.8/raw-file/1.8.8/docs/CHANGES
3
reference_url http://hg.moinmo.in/moin/1.8/rev/4238b0c90871
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.8/rev/4238b0c90871
4
reference_url http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES
5
reference_url http://hg.moinmo.in/moin/1.9/rev/68ba3cc79513
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.9/rev/68ba3cc79513
6
reference_url http://hg.moinmo.in/moin/1.9/rev/e50b087c4572
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.9/rev/e50b087c4572
7
reference_url http://marc.info/?l=oss-security&m=127799369406968&w=2
reference_id
reference_type
scores
url http://marc.info/?l=oss-security&m=127799369406968&w=2
8
reference_url http://marc.info/?l=oss-security&m=127809682420259&w=2
reference_id
reference_type
scores
url http://marc.info/?l=oss-security&m=127809682420259&w=2
9
reference_url http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg
10
reference_url http://moinmo.in/MoinMoinRelease1.8
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinRelease1.8
11
reference_url http://moinmo.in/MoinMoinRelease1.9
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinRelease1.9
12
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
13
reference_url http://secunia.com/advisories/40836
reference_id
reference_type
scores
url http://secunia.com/advisories/40836
14
reference_url http://www.debian.org/security/2010/dsa-2083
reference_id
reference_type
scores
url http://www.debian.org/security/2010/dsa-2083
15
reference_url http://www.securityfocus.com/bid/40549
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/40549
16
reference_url http://www.vupen.com/english/advisories/2010/1981
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/1981
fixed_packages
0
url pkg:pypi/moin@1.8.8
purl pkg:pypi/moin@1.8.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.8.8
1
url pkg:pypi/moin@1.9.3
purl pkg:pypi/moin@1.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5hn2-1bvq-jfdh
7
vulnerability VCID-h1wf-35g5-5ucz
8
vulnerability VCID-kjqq-u9hy-5yda
9
vulnerability VCID-qgm9-pnrw-p3ak
10
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3
aliases CVE-2010-2487, PYSEC-2010-16
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ck2-p7hx-4qex
9
url VCID-aduk-vjjh-c3gc
vulnerability_id VCID-aduk-vjjh-c3gc
summary Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054544.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054544.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055116.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055116.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055124.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055124.html
3
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
4
reference_url http://secunia.com/advisories/43413
reference_id
reference_type
scores
url http://secunia.com/advisories/43413
5
reference_url http://secunia.com/advisories/43665
reference_id
reference_type
scores
url http://secunia.com/advisories/43665
6
reference_url http://secunia.com/advisories/50885
reference_id
reference_type
scores
url http://secunia.com/advisories/50885
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/65545
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/65545
8
reference_url http://www.debian.org/security/2011/dsa-2321
reference_id
reference_type
scores
url http://www.debian.org/security/2011/dsa-2321
9
reference_url http://www.securityfocus.com/bid/46476
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/46476
10
reference_url http://www.ubuntu.com/usn/USN-1604-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1604-1
11
reference_url http://www.vupen.com/english/advisories/2011/0455
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0455
12
reference_url http://www.vupen.com/english/advisories/2011/0571
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0571
13
reference_url http://www.vupen.com/english/advisories/2011/0588
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0588
fixed_packages
0
url pkg:pypi/moin@1.9.3
purl pkg:pypi/moin@1.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5hn2-1bvq-jfdh
7
vulnerability VCID-h1wf-35g5-5ucz
8
vulnerability VCID-kjqq-u9hy-5yda
9
vulnerability VCID-qgm9-pnrw-p3ak
10
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3
aliases CVE-2011-1058, PYSEC-2011-6
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aduk-vjjh-c3gc
10
url VCID-kjqq-u9hy-5yda
vulnerability_id VCID-kjqq-u9hy-5yda
summary The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.
references
0
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
1
reference_url https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-52q8-877j-gghq
reference_id
reference_type
scores
url https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-52q8-877j-gghq
2
reference_url https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html
3
reference_url https://www.debian.org/security/2020/dsa-4787
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4787
fixed_packages
0
url pkg:pypi/moin@1.9.11
purl pkg:pypi/moin@1.9.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.11
aliases CVE-2020-25074, GHSA-52q8-877j-gghq, PYSEC-2020-67
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjqq-u9hy-5yda
11
url VCID-tkp3-e758-suhx
vulnerability_id VCID-tkp3-e758-suhx
summary Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url https://moinmo.in/SecurityFixes
1
reference_url http://www.debian.org/security/2016/dsa-3715
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3715
2
reference_url http://www.securityfocus.com/bid/94501
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94501
3
reference_url http://www.ubuntu.com/usn/USN-3137-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3137-1
fixed_packages
0
url pkg:pypi/moin@1.9.8
purl pkg:pypi/moin@1.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kv8-4wn6-yydy
1
vulnerability VCID-2yaq-3m4p-q3bu
2
vulnerability VCID-4fn8-ab2r-23dk
3
vulnerability VCID-5hn2-1bvq-jfdh
4
vulnerability VCID-kjqq-u9hy-5yda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.8
aliases CVE-2016-9119, PYSEC-2017-20
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkp3-e758-suhx
Fixing_vulnerabilities
0
url VCID-3fgh-8nmt-2fgp
vulnerability_id VCID-3fgh-8nmt-2fgp
summary Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975
1
reference_url http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html
4
reference_url http://marc.info/?l=oss-security&m=126625972814888&w=2
reference_id
reference_type
scores
url http://marc.info/?l=oss-security&m=126625972814888&w=2
5
reference_url http://marc.info/?l=oss-security&m=126676896601156&w=2
reference_id
reference_type
scores
url http://marc.info/?l=oss-security&m=126676896601156&w=2
6
reference_url http://moinmo.in/MoinMoinRelease1.8
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinRelease1.8
7
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=565604
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=565604
9
reference_url http://secunia.com/advisories/38444
reference_id
reference_type
scores
url http://secunia.com/advisories/38444
10
reference_url http://secunia.com/advisories/38709
reference_id
reference_type
scores
url http://secunia.com/advisories/38709
11
reference_url http://secunia.com/advisories/38903
reference_id
reference_type
scores
url http://secunia.com/advisories/38903
12
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/56002
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/56002
13
reference_url https://github.com/moinwiki/moin
reference_id
reference_type
scores
url https://github.com/moinwiki/moin
14
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-15.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-15.yaml
15
reference_url https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903
reference_id
reference_type
scores
url https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903
16
reference_url https://web.archive.org/web/20140725192956/http://secunia.com/advisories/38709
reference_id
reference_type
scores
url https://web.archive.org/web/20140725192956/http://secunia.com/advisories/38709
17
reference_url https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444
reference_id
reference_type
scores
url https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444
18
reference_url https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023
reference_id
reference_type
scores
url https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023
19
reference_url http://www.debian.org/security/2010/dsa-2014
reference_id
reference_type
scores
url http://www.debian.org/security/2010/dsa-2014
20
reference_url http://www.openwall.com/lists/oss-security/2010/02/15/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/02/15/2
21
reference_url http://www.osvdb.org/62043
reference_id
reference_type
scores
url http://www.osvdb.org/62043
22
reference_url http://www.securityfocus.com/bid/38023
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/38023
23
reference_url http://www.vupen.com/english/advisories/2010/0266
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0266
24
reference_url http://www.vupen.com/english/advisories/2010/0600
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0600
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-0668
reference_id CVE-2010-0668
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2010-0668
26
reference_url https://github.com/advisories/GHSA-574f-mh6m-c6qm
reference_id GHSA-574f-mh6m-c6qm
reference_type
scores
url https://github.com/advisories/GHSA-574f-mh6m-c6qm
fixed_packages
0
url pkg:pypi/moin@1.8.7
purl pkg:pypi/moin@1.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5hn2-1bvq-jfdh
7
vulnerability VCID-8xsp-chsd-cfhp
8
vulnerability VCID-9ck2-p7hx-4qex
9
vulnerability VCID-aduk-vjjh-c3gc
10
vulnerability VCID-kjqq-u9hy-5yda
11
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.8.7
1
url pkg:pypi/moin@1.9.2
purl pkg:pypi/moin@1.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5dkr-jfqu-4kfq
7
vulnerability VCID-5hn2-1bvq-jfdh
8
vulnerability VCID-8xsp-chsd-cfhp
9
vulnerability VCID-9ck2-p7hx-4qex
10
vulnerability VCID-aduk-vjjh-c3gc
11
vulnerability VCID-kjqq-u9hy-5yda
12
vulnerability VCID-qgm9-pnrw-p3ak
13
vulnerability VCID-tkp3-e758-suhx
14
vulnerability VCID-xz41-zzdr-6ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.2
aliases CVE-2010-0668, GHSA-574f-mh6m-c6qm, PYSEC-2010-15
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fgh-8nmt-2fgp
1
url VCID-551s-jjxy-qfer
vulnerability_id VCID-551s-jjxy-qfer
summary MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.
references
0
reference_url http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
1
reference_url http://moinmo.in/MoinMoinRelease1.8
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinRelease1.8
2
reference_url http://moinmo.in/SecurityFixes
reference_id
reference_type
scores
url http://moinmo.in/SecurityFixes
3
reference_url http://secunia.com/advisories/38444
reference_id
reference_type
scores
url http://secunia.com/advisories/38444
4
reference_url http://secunia.com/advisories/38903
reference_id
reference_type
scores
url http://secunia.com/advisories/38903
5
reference_url https://github.com/moinwiki/moin
reference_id
reference_type
scores
url https://github.com/moinwiki/moin
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-2.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-2.yaml
7
reference_url https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903
reference_id
reference_type
scores
url https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903
8
reference_url https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444
reference_id
reference_type
scores
url https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444
9
reference_url https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023
reference_id
reference_type
scores
url https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023
10
reference_url http://www.debian.org/security/2010/dsa-2014
reference_id
reference_type
scores
url http://www.debian.org/security/2010/dsa-2014
11
reference_url http://www.openwall.com/lists/oss-security/2010/02/15/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/02/15/2
12
reference_url http://www.openwall.com/lists/oss-security/2010/02/15/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/02/15/4
13
reference_url http://www.openwall.com/lists/oss-security/2010/02/21/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/02/21/2
14
reference_url http://www.securityfocus.com/bid/38023
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/38023
15
reference_url http://www.vupen.com/english/advisories/2010/0600
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0600
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-0669
reference_id CVE-2010-0669
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2010-0669
17
reference_url https://github.com/advisories/GHSA-977v-29j9-9rxc
reference_id GHSA-977v-29j9-9rxc
reference_type
scores
url https://github.com/advisories/GHSA-977v-29j9-9rxc
fixed_packages
0
url pkg:pypi/moin@1.8.7
purl pkg:pypi/moin@1.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5hn2-1bvq-jfdh
7
vulnerability VCID-8xsp-chsd-cfhp
8
vulnerability VCID-9ck2-p7hx-4qex
9
vulnerability VCID-aduk-vjjh-c3gc
10
vulnerability VCID-kjqq-u9hy-5yda
11
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.8.7
1
url pkg:pypi/moin@1.9.2
purl pkg:pypi/moin@1.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5dkr-jfqu-4kfq
7
vulnerability VCID-5hn2-1bvq-jfdh
8
vulnerability VCID-8xsp-chsd-cfhp
9
vulnerability VCID-9ck2-p7hx-4qex
10
vulnerability VCID-aduk-vjjh-c3gc
11
vulnerability VCID-kjqq-u9hy-5yda
12
vulnerability VCID-qgm9-pnrw-p3ak
13
vulnerability VCID-tkp3-e758-suhx
14
vulnerability VCID-xz41-zzdr-6ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.2
aliases CVE-2010-0669, GHSA-977v-29j9-9rxc, PYSEC-2010-2
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-551s-jjxy-qfer
2
url VCID-qcmp-zvgm-8bcm
vulnerability_id VCID-qcmp-zvgm-8bcm
summary The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.
references
0
reference_url http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
reference_id
reference_type
scores
url http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
1
reference_url http://moinmo.in/MoinMoinRelease1.8
reference_id
reference_type
scores
url http://moinmo.in/MoinMoinRelease1.8
2
reference_url http://secunia.com/advisories/38903
reference_id
reference_type
scores
url http://secunia.com/advisories/38903
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/56595
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/56595
4
reference_url https://github.com/moinwiki/moin
reference_id
reference_type
scores
url https://github.com/moinwiki/moin
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-3.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-3.yaml
6
reference_url https://web.archive.org/web/20140807024009/http://secunia.com/advisories/38903
reference_id
reference_type
scores
url https://web.archive.org/web/20140807024009/http://secunia.com/advisories/38903
7
reference_url http://www.debian.org/security/2010/dsa-2014
reference_id
reference_type
scores
url http://www.debian.org/security/2010/dsa-2014
8
reference_url http://www.openwall.com/lists/oss-security/2010/02/15/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/02/15/2
9
reference_url http://www.vupen.com/english/advisories/2010/0600
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/0600
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-0717
reference_id CVE-2010-0717
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2010-0717
11
reference_url https://github.com/advisories/GHSA-5jjr-gmq3-f986
reference_id GHSA-5jjr-gmq3-f986
reference_type
scores
url https://github.com/advisories/GHSA-5jjr-gmq3-f986
fixed_packages
0
url pkg:pypi/moin@1.8.7
purl pkg:pypi/moin@1.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fak-dar5-tuet
1
vulnerability VCID-1kv8-4wn6-yydy
2
vulnerability VCID-2yaq-3m4p-q3bu
3
vulnerability VCID-3z75-azrr-2qac
4
vulnerability VCID-4fn8-ab2r-23dk
5
vulnerability VCID-4q2t-yhg6-k3dg
6
vulnerability VCID-5hn2-1bvq-jfdh
7
vulnerability VCID-8xsp-chsd-cfhp
8
vulnerability VCID-9ck2-p7hx-4qex
9
vulnerability VCID-aduk-vjjh-c3gc
10
vulnerability VCID-kjqq-u9hy-5yda
11
vulnerability VCID-tkp3-e758-suhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.8.7
aliases CVE-2010-0717, GHSA-5jjr-gmq3-f986, PYSEC-2010-3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcmp-zvgm-8bcm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.8.7