Lucene search
GoogleOSV:PYSEC-2020-67HistoryNov 10, 2020 - 5:15 p.m.
PYSEC-2020-67
2020-11-1017:15:00
Google
osv.dev
16
cache action
directory traversal
moinmoin
remote code execution
http request
attachments
security vulnerability
EPSS
0.014
Percentile
86.9%
The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.
Related
ubuntucve
ubuntucve
CVE-2020-25074
2020-11-09 00:00:00
prion
prion
Directory traversal
2020-11-10 17:15:00
debiancve
debiancve
CVE-2020-25074
2020-11-10 17:15:12
osv
osv
CVE-2020-25074
2020-11-10 17:15:12
remote code execution via cache action in MoinMoin
2020-11-11 15:54:51
moin - security update
2020-11-10 00:00:00
github
github
remote code execution via cache action in MoinMoin
2020-11-11 15:54:51
cve
cve
CVE-2020-25074
2020-11-10 17:15:12
cvelist
cvelist
CVE-2020-25074
2020-11-10 16:48:21
nvd
nvd
CVE-2020-25074
2020-11-10 17:15:12
veracode
veracode
Remote Code Execution
2020-11-10 03:43:34
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : MoinMoin vulnerabilities (USN-4629-1)
2020-11-11 00:00:00
Debian DLA-2446-1 : moin security update
2020-11-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4787-1)
2020-11-10 00:00:00
MoinMoin < 1.9.11 Multiple Vulnerabilities - Linux
2020-11-11 00:00:00
Ubuntu: Security Advisory (USN-4629-1)
2020-11-12 00:00:00
ubuntu
ubuntu
MoinMoin vulnerabilities
2020-11-11 00:00:00
suse
suse
Security update for moinmoin-wiki (important)
2020-11-23 00:00:00
Security update for moinmoin-wiki (important)
2020-11-19 00:00:00
debian
debian
[SECURITY] [DSA 4787-1] moin security update
2020-11-09 20:27:35
[SECURITY] [DLA 2446-1] moin security update
2020-11-10 21:43:54
[SECURITY] [DSA 4787-1] moin security update
2020-11-09 20:27:35
freebsd
freebsd
moinmoin -- multiple vulnerabilities
2020-11-08 00:00:00