CVE-2010-0667 — Sensitive Information Exposure in Moinmoin

CWE-200 — Sensitive Information Exposure6 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 23.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Moinmo Moinmoin

Timeline

PublishedFeb 26

Latest updateMay 2

Description

MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmoinmo/moinmoin1.9.0

🔴Vulnerability Details

OSV

MoinMoin Exposure of Sensitive Disclosure when GATEWAY_INTERFACE variable is set↗2022-05-02

▶

GHSA

MoinMoin Exposure of Sensitive Disclosure when GATEWAY_INTERFACE variable is set↗2022-05-02

▶

OSV

CVE-2010-0667: MoinMoin 1↗2010-02-26

▶

📋Vendor Advisories

Red Hat

moin information disclosure vulnerability↗2010-01-19

▶

💬Community

Bugzilla

CVE-2010-0667 moin information disclosure vulnerability↗2010-01-20

▶