PyPi: Moin

CVE-2016-9119

Safety vulnerability ID: 39587

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jan 30, 2017 Updated at Aug 06, 2024
Scan your Python projects for vulnerabilities →

Advisory

Moin 1.9.10 includes a security fix for CVE-2016-9119.

Affected package

moin

Latest version: 1.9.11

MoinMoin 1.9.11 is an easy to use, full-featured and extensible wiki software package

Affected versions

Fixed versions

Vulnerability changelog

This version is still Python 1.5.2 compatible, but it's not extensively tested for that version and some parts of the system might not work there, especially seldom used macros and actions. Bug reports welcome! New features: * "deprecated" processing instruction * config entry "SecurityPolicy" to allow for customized permissions (see "security.py" for more) * added distutils support * though not extensively tested, the standalone server now does POST requests, i.e. you can save pages; there are still problems with persistent global variables! It only works for Python >= 2.0. * "bang_meta" config variable and "!NotWikiWord" markup * "url_mappings" config variable to dynamically change URL prefixes (especially useful in intranets, when whole trees of externally hosted documents move around) * setting "mail_smarthost" and "mail_from" activates mailing features (sending login data on the UserPreferences page) * very useful for intranet developer wikis, a means to view pydoc documentation, formatted via a XSLT stylesheet, for details see http://purl.net/wiki/python/TeudViewer?module=MoinMoin.macro.TeudView or MoinMoin/macro/TeudView.py * "LocalSiteMap" action by Steve Howell <showellzipcon.com> * Added FOLDOC to intermap.txt Bugfixes: * Full config defaults, import MoinMoin now works w/o moin_config.py * Better control over permissions with config.umask * Bugfix for a UNIX time billenium bug (affecting RecentChanges sorting and page diffs) * data paths with directory names containing dots caused problems -----------------------------------------------------------------------------

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 6.1

CVSS v3 Details

MEDIUM 6.1
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
REQUIRED
Scope (S)
CHANGED
Confidentiality Impact (C)
LOW
Integrity Impact (I)
LOW
Availability Availability (A)
NONE

CVSS v2 Details

MEDIUM 4.3
Access Vector (AV)
NETWORK
Access Complexity (AC)
MEDIUM
Authentication (Au)
NONE
Confidentiality Impact (C)
NONE
Integrity Impact (I)
PARTIAL
Availability Impact (A)
NONE