CVE-2017-1000024

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-1000024
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000024.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000024
Downstream
Related
Published
2017-07-17T13:18:16.673Z
Modified
2026-02-13T08:04:30.426906Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission

References

Affected packages

Git / gitlab.gnome.org/GNOME/shotwell

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/GNOME/shotwell
Events
Introduced
8cc28654affe568f156bc74a20fb4959160ac872
Last affected
e5a192163148d01708684bc38c4442824fda8178
Introduced
c6d5fe9bb77d97c534f8239c6331dc1f41df324b
Last affected
cc6a255b7203b8fb1e2d24ba81f83cec143185e6

Affected versions

shotwell-0.*
shotwell-0.25.0
shotwell-0.25.1
shotwell-0.25.2
shotwell-0.25.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000024.json"