CVE-2007-0902 – moin

Package

Manager: pip
Name: moin
Vulnerable Version: =1.5.7 || >=1.5.7 <1.5.8

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00381 pctl0.58767

Details

MoinMoin Insertion of Sensitive Information into Log File An information leak was discovered in MoinMoin's debug reporting version 1.5.7, which could expose information about the versions of software running on the host system. MoinMoin administrators can add "show_traceback=0" to their site configurations to disable debug tracebacks.

Metadata

Created: 2022-05-01T17:47:55Z
Modified: 2024-05-14T20:50:29Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mxh8-xgq9-w782/GHSA-mxh8-xgq9-w782.json
CWE IDs: ["CWE-532"]
Alternative ID: GHSA-mxh8-xgq9-w782
Finding: F183
Auto approve: 1