CVE-2017-1000024
Description
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.247
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| digital photo organizer (USN-3379-1) shotwell_0.22.0+git20160108.r1.f2fb1f7-0ubuntu3_i386.deb | Linux |
| digital photo organizer (USN-3379-1) shotwell_0.22.0+git20160108.r1.f2fb1f7-0ubuntu3_amd64.deb | Linux |
| digital photo organizer (USN-3379-1) shotwell_0.22.0+git20160108.r1.f2fb1f7-0ubuntu3.1_i386.deb | Linux |
| digital photo organizer (USN-3379-1) shotwell_0.22.0+git20160108.r1.f2fb1f7-0ubuntu3.1_amd64.deb | Linux |
| SUSE-SU-2018:0637-1(SUSE Linux Enterprise Desktop 12-SP2 ) shotwell-0.22.0+git.20160103-15.6.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0637-1(SUSE Linux Enterprise Desktop 12-SP2 ) shotwell-debuginfo-0.22.0+git.20160103-15.6.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0637-1(SUSE Linux Enterprise Desktop 12-SP2 ) shotwell-debugsource-0.22.0+git.20160103-15.6.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0637-1(SUSE Linux Enterprise Desktop 12-SP2 ) shotwell-lang-0.22.0+git.20160103-15.6.1.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234