High severity7.5NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026
CVE-2017-1000024
CVE-2017-1000024
Description
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords4 versionspkg:rpm/suse/shotwell&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/shotwell&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/shotwell&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2pkg:rpm/suse/shotwell&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
< 0.22.0+git.20160103-15.6.1+ 3 more
- (no CPE)range: < 0.22.0+git.20160103-15.6.1
- (no CPE)range: < 0.22.0+git.20160103-15.6.1
- (no CPE)range: < 0.22.0+git.20160103-15.6.1
- (no CPE)range: < 0.22.0+git.20160103-15.6.1
Patches
Vulnerability mechanics
References
1- mail.gnome.org/archives/shotwell-list/2017-January/msg00048.htmlnvdMailing ListVendor Advisory
News mentions
0No linked articles in our index yet.