Thomas Waldmann

**Name of the Vulnerable Software and Affected Versions** attic versions prior to 0.15 **Description** The issue allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by modifying the manifest type byte of the repository to indicate it is unencrypted. This is possible because the software does not confirm unencrypted backups with the user. **Recommendations** For versions prior to 0.15, update to version 0.15 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MoinMoin versions prior to 1.8.7 MoinMoin versions 1.9.x prior to 1.9.2 **Description** The issue is related to the improper sanitization of user profiles, which may have an unspecified impact. The attack vectors for this issue are not specified. **Recommendations** For versions prior to 1.8.7, update to version 1.8.7 or later. For versions 1.9.x prior to 1.9.2, update to version 1.9.2 or later.