high
7.5
CWE
16
Advisory Published
Advisory Published
Updated

CVE-2010-0717

First published: Fri Feb 26 2010(Updated: )

The default configuration of `cfg.packagepages_actions_excluded` in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
pip/moin<1.8.7
1.8.7
MoinMoin<=1.8.6
MoinMoin=1.5.0
MoinMoin=1.5.0-beta1
MoinMoin=1.5.0-beta2
MoinMoin=1.5.0-beta3
MoinMoin=1.5.0-beta4
MoinMoin=1.5.0-beta5
MoinMoin=1.5.0-beta6
MoinMoin=1.5.0-rc1
MoinMoin=1.5.1
MoinMoin=1.5.2
MoinMoin=1.5.3
MoinMoin=1.5.3-rc1
MoinMoin=1.5.3-rc2
MoinMoin=1.5.4
MoinMoin=1.5.5
MoinMoin=1.5.5-rc1
MoinMoin=1.5.5a
MoinMoin=1.5.6
MoinMoin=1.5.7
MoinMoin=1.5.8
MoinMoin=1.6.0
MoinMoin=1.6.0-beta1
MoinMoin=1.6.0-beta2
MoinMoin=1.6.0-rc1
MoinMoin=1.6.0-rc2
MoinMoin=1.6.1
MoinMoin=1.6.2
MoinMoin=1.6.3
MoinMoin=1.6.4
MoinMoin=1.7.0
MoinMoin=1.7.0-beta1
MoinMoin=1.7.0-beta2
MoinMoin=1.7.0-rc1
MoinMoin=1.7.0-rc2
MoinMoin=1.7.0-rc3
MoinMoin=1.7.1
MoinMoin=1.7.2
MoinMoin=1.7.3
MoinMoin=1.8.0
MoinMoin=1.8.1
MoinMoin=1.8.2
MoinMoin=1.8.3
MoinMoin=1.8.4

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2010-0717?

    CVE-2010-0717 has not been assigned a specific severity rating but presents unspecified impacts and attack vectors that may compromise security.

  • How do I fix CVE-2010-0717?

    To fix CVE-2010-0717, upgrade to MoinMoin version 1.8.7 or later, where the default configuration addresses the vulnerability.

  • Which versions of MoinMoin are affected by CVE-2010-0717?

    CVE-2010-0717 affects all versions of MoinMoin prior to 1.8.7, including version 1.5.0 through 1.8.6.

  • What configuration change addresses CVE-2010-0717?

    Changing the default configuration of cfg.packagepages_actions_excluded in MoinMoin prior to 1.8.7 is necessary to mitigate the risk of unsafe package actions.

  • Is there a specific attack vector identified for CVE-2010-0717?

    CVE-2010-0717 does not specify particular attack vectors, indicating a general vulnerability to unsafe package actions.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203