VulnerableCode Package Details - pkg:pypi/moin@1.6.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/moin@1.6.1

Essentials
History (3)

purl	pkg:pypi/moin@1.6.1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-4dkx-yws7-63dh	MoinMoin Cross-site scripting (XSS) vulnerability Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action.	CVE-2008-0780 GHSA-53wj-6m7w-j6mj
VCID-u9dm-y7hk-ebfb	The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.	CVE-2008-6549 GHSA-wjjc-m3fc-fcm8 PYSEC-2009-12

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:43:43.826617+00:00	GitLab Importer	Fixing	VCID-u9dm-y7hk-ebfb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/moin/CVE-2008-6549.yml	38.6.0
2026-06-02T04:42:17.435377+00:00	GitLab Importer	Fixing	VCID-4dkx-yws7-63dh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/moin/CVE-2008-0780.yml	38.6.0
2026-06-02T04:03:07.986789+00:00	Pypa Importer	Fixing	VCID-u9dm-y7hk-ebfb	https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2009-12.yaml	38.6.0