VulnerableCode Package Details - pkg:pypi/moin@1.9.11

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2yaq-3m4p-q3bu	MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrade to a patched version. MoinMoin Wiki 1.9.11 has the necessary fixes and also contains other important fixes.	CVE-2020-15275 GHSA-4q96-6xhq-ff43 PYSEC-2020-241
VCID-kjqq-u9hy-5yda	The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.	CVE-2020-25074 GHSA-52q8-877j-gghq PYSEC-2020-67

Vulnerability

Summary

Aliases

VCID-2yaq-3m4p-q3bu

MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrade to a patched version. MoinMoin Wiki 1.9.11 has the necessary fixes and also contains other important fixes.

CVE-2020-15275
GHSA-4q96-6xhq-ff43
PYSEC-2020-241

VCID-kjqq-u9hy-5yda

The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.

CVE-2020-25074
GHSA-52q8-877j-gghq
PYSEC-2020-67

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T17:24:16.452047+00:00	GithubOSV Importer	Fixing	VCID-2yaq-3m4p-q3bu	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/11/GHSA-4q96-6xhq-ff43/GHSA-4q96-6xhq-ff43.json	38.6.0
2026-06-04T17:24:08.596950+00:00	GithubOSV Importer	Fixing	VCID-kjqq-u9hy-5yda	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/11/GHSA-52q8-877j-gghq/GHSA-52q8-877j-gghq.json	38.6.0
2026-06-04T16:20:35.198013+00:00	GitLab Importer	Fixing	VCID-kjqq-u9hy-5yda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/moin/CVE-2020-25074.yml	38.6.0
2026-06-04T16:20:35.173365+00:00	GitLab Importer	Fixing	VCID-2yaq-3m4p-q3bu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/moin/CVE-2020-15275.yml	38.6.0
2026-06-02T04:07:55.897240+00:00	Pypa Importer	Fixing	VCID-2yaq-3m4p-q3bu	https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2020-241.yaml	38.6.0
2026-06-02T04:07:55.814181+00:00	Pypa Importer	Fixing	VCID-kjqq-u9hy-5yda	https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2020-67.yaml	38.6.0