Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/mediawiki/core@1.35.9
Typecomposer
Namespacemediawiki
Namecore
Version1.35.9
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.35.12
Latest_non_vulnerable_version1.40.1
Affected_by_vulnerabilities
0
url VCID-7eba-7gsc-hbfg
vulnerability_id VCID-7eba-7gsc-hbfg
summary 
X-Forwarded-For header allows brute-forcing autoblocked IP addresses
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29141
reference_id
reference_type
scores
0
value 0.00251
scoring_system epss
scoring_elements 0.48447
published_at 2026-04-12T12:55:00Z
1
value 0.00251
scoring_system epss
scoring_elements 0.48509
published_at 2026-04-16T12:55:00Z
2
value 0.00251
scoring_system epss
scoring_elements 0.48459
published_at 2026-04-13T12:55:00Z
3
value 0.00251
scoring_system epss
scoring_elements 0.48473
published_at 2026-04-11T12:55:00Z
4
value 0.00251
scoring_system epss
scoring_elements 0.48426
published_at 2026-04-02T12:55:00Z
5
value 0.00251
scoring_system epss
scoring_elements 0.48448
published_at 2026-04-04T12:55:00Z
6
value 0.00251
scoring_system epss
scoring_elements 0.48401
published_at 2026-04-07T12:55:00Z
7
value 0.00251
scoring_system epss
scoring_elements 0.48455
published_at 2026-04-08T12:55:00Z
8
value 0.00251
scoring_system epss
scoring_elements 0.48449
published_at 2026-04-09T12:55:00Z
9
value 0.00292
scoring_system epss
scoring_elements 0.52609
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29141
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675
5
reference_url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39
6
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
7
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7
10
reference_url https://phabricator.wikimedia.org/T285159
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://phabricator.wikimedia.org/T285159
11
reference_url https://www.debian.org/security/2023/dsa-5447
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://www.debian.org/security/2023/dsa-5447
12
reference_url https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10
13
reference_url https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6
14
reference_url https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2183627
reference_id 2183627
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2183627
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-29141
reference_id CVE-2023-29141
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-29141
17
reference_url https://github.com/advisories/GHSA-5vj8-g3qg-4qh6
reference_id GHSA-5vj8-g3qg-4qh6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5vj8-g3qg-4qh6
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/
reference_id ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/
reference_id ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/
fixed_packages
0
url pkg:composer/mediawiki/core@1.35.10
purl pkg:composer/mediawiki/core@1.35.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jm7q-2w3j-buhh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.35.10
1
url pkg:composer/mediawiki/core@1.38.6
purl pkg:composer/mediawiki/core@1.38.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jm7q-2w3j-buhh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.38.6
2
url pkg:composer/mediawiki/core@1.39.3
purl pkg:composer/mediawiki/core@1.39.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jm7q-2w3j-buhh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.39.3
aliases CVE-2023-29141, GHSA-5vj8-g3qg-4qh6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7eba-7gsc-hbfg
1
url VCID-jm7q-2w3j-buhh
vulnerability_id VCID-jm7q-2w3j-buhh
summary 
MediaWiki Denial of Service vulnerability
An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45363
reference_id
reference_type
scores
0
value 0.11025
scoring_system epss
scoring_elements 0.93433
published_at 2026-04-13T12:55:00Z
1
value 0.11025
scoring_system epss
scoring_elements 0.93458
published_at 2026-04-18T12:55:00Z
2
value 0.11025
scoring_system epss
scoring_elements 0.93452
published_at 2026-04-16T12:55:00Z
3
value 0.11025
scoring_system epss
scoring_elements 0.93407
published_at 2026-04-02T12:55:00Z
4
value 0.11025
scoring_system epss
scoring_elements 0.93415
published_at 2026-04-07T12:55:00Z
5
value 0.11025
scoring_system epss
scoring_elements 0.93424
published_at 2026-04-08T12:55:00Z
6
value 0.11025
scoring_system epss
scoring_elements 0.93427
published_at 2026-04-09T12:55:00Z
7
value 0.11025
scoring_system epss
scoring_elements 0.93432
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45363
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
5
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
6
reference_url https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8
7
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
8
reference_url https://phabricator.wikimedia.org/T333050
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://phabricator.wikimedia.org/T333050
9
reference_url https://www.debian.org/security/2023/dsa-5520
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://www.debian.org/security/2023/dsa-5520
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45363
reference_id CVE-2023-45363
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45363
11
reference_url https://github.com/advisories/GHSA-w5fx-cx7f-6vr9
reference_id GHSA-w5fx-cx7f-6vr9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w5fx-cx7f-6vr9
fixed_packages
0
url pkg:composer/mediawiki/core@1.35.12
purl pkg:composer/mediawiki/core@1.35.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.35.12
1
url pkg:composer/mediawiki/core@1.39.5
purl pkg:composer/mediawiki/core@1.39.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.39.5
2
url pkg:composer/mediawiki/core@1.40.1
purl pkg:composer/mediawiki/core@1.40.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.40.1
aliases CVE-2023-45363, GHSA-w5fx-cx7f-6vr9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jm7q-2w3j-buhh
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.35.9