PT-2010-2468 · Moinmoin · Moinmoin

Jan Lieskovsky

Publicado

2010-02-26

Atualizado

2022-05-02

CVE-2010-0717

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions MoinMoin versions prior to 1.8.7

Description The default configuration of cfg.packagepages actions excluded in MoinMoin does not prevent unsafe package actions, which has unspecified impact and attack vectors.

Recommendations For versions prior to 1.8.7, update to version 1.8.7 or later to resolve the issue. As a temporary workaround, consider modifying the cfg.packagepages actions excluded configuration to exclude unsafe package actions until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-16

Identificadores relacionados

CVE-2010-0717

DSA-2014-1

GHSA-5JJR-GMQ3-F986

PYSEC-2010-3

Produtos afetados

Moinmoin

PT-2010-2468 · Moinmoin · Moinmoin

CVE-2010-0717

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14