Information disclosure in Moinmo Moinmoin

CVE-2010-0667

MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vec…

Vulnerability class: Information Disclosure

EPSS: 0.009 (76.5th percentile) — read the EPSS interpretation.

Affected products

Moinmo Moinmoin — versions 1.9.0
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)
[oss-security] 20100215 Re: CVE Request -- MoinMoin -- 1.8.7 (mailing-list, x_refsource_MLIST)
[oss-security] 20100221 Re: CVE Request -- MoinMoin -- 1.8.7 (mailing-list, x_refsource_MLIST)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
38242 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
[oss-security] 20100121 CVE request: MoinMoin information disclosure (mailing-list, x_refsource_MLIST)
[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7 (mailing-list, x_refsource_MLIST)