Search for packages
| purl | pkg:pypi/moin@1.7.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-cu8p-mdsv-byhj | The user form processing (userform.py) in MoinMoin before 1.6.3, when using ACLs or a non-empty superusers list, does not properly manage users, which allows remote attackers to gain privileges. |
CVE-2008-1937
GHSA-rqxp-6926-hphr PYSEC-2008-12 |
| VCID-gjam-kx3q-qyak | Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
CVE-2008-3381
GHSA-q7q4-5g8p-33fq PYSEC-2008-13 |
| VCID-gteb-um2j-cfc8 | MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937. |
CVE-2008-6603
GHSA-wc8w-gh5m-62fv PYSEC-2009-13 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:42:18.071700+00:00 | GitLab Importer | Fixing | VCID-gjam-kx3q-qyak | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/moin/CVE-2008-3381.yml | 38.6.0 |
| 2026-06-02T04:03:08.130571+00:00 | Pypa Importer | Fixing | VCID-gteb-um2j-cfc8 | https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2009-13.yaml | 38.6.0 |
| 2026-06-02T04:03:07.618658+00:00 | Pypa Importer | Fixing | VCID-gjam-kx3q-qyak | https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2008-13.yaml | 38.6.0 |
| 2026-06-02T04:03:07.384199+00:00 | Pypa Importer | Fixing | VCID-cu8p-mdsv-byhj | https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2008-12.yaml | 38.6.0 |