CVE-2007-2637: MoinMoin Improper ACL handling for calendars and includes

May 1, 2022 (updated May 14, 2024)

MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.

References

exchange.xforce.ibmcloud.com/vulnerabilities/34474
github.com/advisories/GHSA-cmg7-xr2j-4r9v
moinmo.in/MoinMoinRelease1.5/CHANGES
nvd.nist.gov/vuln/detail/CVE-2007-2637

Code Behaviors & Features

Detect and mitigate CVE-2007-2637 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →