Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01NzRmLW1oNm0tYzZxbc3UmA
MoinMoin has multiple vulnerabilities related to superuser list, xmlrpc and OpenID configuration
Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.
Permalink: https://github.com/advisories/GHSA-574f-mh6m-c6qmJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01NzRmLW1oNm0tYzZxbc3UmA
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 2 years ago
Updated: 19 days ago
Identifiers: GHSA-574f-mh6m-c6qm, CVE-2010-0668
References:
- https://nvd.nist.gov/vuln/detail/CVE-2010-0668
- https://bugzilla.redhat.com/show_bug.cgi?id=565604
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56002
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975
- http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html
- http://marc.info/?l=oss-security&m=126625972814888&w=2
- http://marc.info/?l=oss-security&m=126676896601156&w=2
- http://moinmo.in/MoinMoinRelease1.8
- http://moinmo.in/SecurityFixes
- http://www.debian.org/security/2010/dsa-2014
- http://www.openwall.com/lists/oss-security/2010/02/15/2
- https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903
- https://web.archive.org/web/20140725192956/http://secunia.com/advisories/38709
- https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444
- https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023
- https://github.com/advisories/GHSA-574f-mh6m-c6qm
Affected Packages
pypi:moin
Dependent packages: 0Dependent repositories: 46
Downloads: 208 last month
Affected Version Ranges: >= 1.9, < 1.9.2, >= 1.5, < 1.8.7
Fixed in: 1.9.2, 1.8.7
All affected versions: 1.8.4, 1.8.5, 1.8.6, 1.9.0, 1.9.1
All unaffected versions: 1.8.7, 1.9.2, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.9.9, 1.9.10, 1.9.11