GHSA-574f-mh6m-c6qm

Suggest an improvement
Source
https://github.com/advisories/GHSA-574f-mh6m-c6qm
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-574f-mh6m-c6qm/GHSA-574f-mh6m-c6qm.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-574f-mh6m-c6qm
Aliases
Published
2022-05-02T06:14:39Z
Modified
2024-12-06T05:30:42.818286Z
Summary
MoinMoin has multiple vulnerabilities related to superuser list, xmlrpc and OpenID configuration
Details

Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.

Database specific 
{
    "github_reviewed": true,
    "severity": "MODERATE",
    "github_reviewed_at": "2024-04-29T11:24:59Z",
    "nvd_published_at": "2010-02-26T19:30:00Z",
    "cwe_ids": []
}
References

Affected packages

PyPI / moin

Package

Name
moin
View open source insights on deps.dev
Purl
pkg:pypi/moin

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.5
Fixed
1.8.7

Affected versions

1.*
1.8.4
1.8.5
1.8.6

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-574f-mh6m-c6qm/GHSA-574f-mh6m-c6qm.json"

PyPI / moin

Package

Name
moin
View open source insights on deps.dev
Purl
pkg:pypi/moin

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.9
Fixed
1.9.2

Affected versions

1.*
1.9.0
1.9.1

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-574f-mh6m-c6qm/GHSA-574f-mh6m-c6qm.json"