CVE-2020-25074

Name: CVE-2020-25074
Description: The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-2446-1, DSA-4787-1
NVD severity: high

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| moin (PTS) | stretch (security) | 1.9.9-1+deb9u2 | fixed |
| | buster, stretch | 1.9.9-1+deb9u1 | vulnerable |
| | buster (security) | 1.9.9-1+deb10u1 | fixed |

The information below is based on the following data on fixed versions.

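| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| moin | source | stretch | 1.9.9-1+deb9u2 | | DLA-2446-1 | |
| moin | source | buster | 1.9.9-1+deb10u1 | | DSA-4787-1 | |
| moin | source | (unstable) | (unfixed) | | | |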

Notes

https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-52q8-877j-gghq
https://github.com/moinwiki/moin-1.9/commit/d1e5fc7d3708d877353ca64dd4aa7cfd1cde4cb4 (1.9.11)
