High severity7.5NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026

CVE-2017-1000024

Description

Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission

Affected products

GNOME Foundation/Shotwell
cpe:2.3:a:gnome:shotwell:*:*:*:*:*:*:*:*
Range: >=0.24.0,<=0.24.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

mail.gnome.org/archives/shotwell-list/2017-January/msg00048.htmlnvdMailing ListVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000