PYSEC-2009-13

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2009-13.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2009-13

Aliases

Published

2009-04-03T18:30:00Z

Modified

2024-11-25T22:42:20.373946Z

Summary

[none]

Details

MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.

References

Affected packages

PyPI / moin

Package

Name: moin; View open source insights on deps.dev
Purl: pkg:pypi/moin

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.3

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2009-13.yaml"

PyPI / moin

Package

Name: moin; View open source insights on deps.dev
Purl: pkg:pypi/moin

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.7

Fixed

1.7.1

Affected versions

1.*

1.7

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2009-13.yaml"