Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/mediawiki/core@1.29.0
Typecomposer
Namespacemediawiki
Namecore
Version1.29.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.35.12
Latest_non_vulnerable_version1.40.1
Affected_by_vulnerabilities
0
url VCID-7eba-7gsc-hbfg
vulnerability_id VCID-7eba-7gsc-hbfg
summary 
X-Forwarded-For header allows brute-forcing autoblocked IP addresses
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29141
reference_id
reference_type
scores
0
value 0.00251
scoring_system epss
scoring_elements 0.48447
published_at 2026-04-12T12:55:00Z
1
value 0.00251
scoring_system epss
scoring_elements 0.48449
published_at 2026-04-09T12:55:00Z
2
value 0.00251
scoring_system epss
scoring_elements 0.48509
published_at 2026-04-16T12:55:00Z
3
value 0.00251
scoring_system epss
scoring_elements 0.48459
published_at 2026-04-13T12:55:00Z
4
value 0.00251
scoring_system epss
scoring_elements 0.48473
published_at 2026-04-11T12:55:00Z
5
value 0.00251
scoring_system epss
scoring_elements 0.48426
published_at 2026-04-02T12:55:00Z
6
value 0.00251
scoring_system epss
scoring_elements 0.48448
published_at 2026-04-04T12:55:00Z
7
value 0.00251
scoring_system epss
scoring_elements 0.48401
published_at 2026-04-07T12:55:00Z
8
value 0.00251
scoring_system epss
scoring_elements 0.48455
published_at 2026-04-08T12:55:00Z
9
value 0.00292
scoring_system epss
scoring_elements 0.52609
published_at 2026-04-18T12:55:00Z
10
value 0.00292
scoring_system epss
scoring_elements 0.52594
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29141
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675
5
reference_url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39
6
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
7
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7
10
reference_url https://phabricator.wikimedia.org/T285159
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://phabricator.wikimedia.org/T285159
11
reference_url https://www.debian.org/security/2023/dsa-5447
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://www.debian.org/security/2023/dsa-5447
12
reference_url https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10
13
reference_url https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6
14
reference_url https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2183627
reference_id 2183627
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2183627
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-29141
reference_id CVE-2023-29141
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-29141
17
reference_url https://github.com/advisories/GHSA-5vj8-g3qg-4qh6
reference_id GHSA-5vj8-g3qg-4qh6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5vj8-g3qg-4qh6
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/
reference_id ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/
reference_id ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/
fixed_packages
0
url pkg:composer/mediawiki/core@1.35.10
purl pkg:composer/mediawiki/core@1.35.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jm7q-2w3j-buhh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.35.10
1
url pkg:composer/mediawiki/core@1.38.6
purl pkg:composer/mediawiki/core@1.38.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jm7q-2w3j-buhh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.38.6
2
url pkg:composer/mediawiki/core@1.39.3
purl pkg:composer/mediawiki/core@1.39.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jm7q-2w3j-buhh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.39.3
aliases CVE-2023-29141, GHSA-5vj8-g3qg-4qh6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7eba-7gsc-hbfg
1
url VCID-9qyu-z71g-1qbq
vulnerability_id VCID-9qyu-z71g-1qbq
summary 
MediaWiki Open Redirect vulnerability
resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.34.0-rc.0 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10959.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10959.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10959
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.50738
published_at 2026-04-21T12:55:00Z
1
value 0.00273
scoring_system epss
scoring_elements 0.50757
published_at 2026-04-18T12:55:00Z
2
value 0.00273
scoring_system epss
scoring_elements 0.50752
published_at 2026-04-16T12:55:00Z
3
value 0.00273
scoring_system epss
scoring_elements 0.50727
published_at 2026-04-12T12:55:00Z
4
value 0.00273
scoring_system epss
scoring_elements 0.5075
published_at 2026-04-11T12:55:00Z
5
value 0.00273
scoring_system epss
scoring_elements 0.50701
published_at 2026-04-04T12:55:00Z
6
value 0.00273
scoring_system epss
scoring_elements 0.50712
published_at 2026-04-13T12:55:00Z
7
value 0.00273
scoring_system epss
scoring_elements 0.50657
published_at 2026-04-07T12:55:00Z
8
value 0.00273
scoring_system epss
scoring_elements 0.50675
published_at 2026-04-02T12:55:00Z
9
value 0.00273
scoring_system epss
scoring_elements 0.50622
published_at 2026-04-01T12:55:00Z
10
value 0.00273
scoring_system epss
scoring_elements 0.50708
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10959
2
reference_url https://gerrit.wikimedia.org/r/c/mediawiki/core/+/536725
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gerrit.wikimedia.org/r/c/mediawiki/core/+/536725
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-10959.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-10959.yaml
4
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
5
reference_url https://github.com/wikimedia/mediawiki/commit/d4a552e65bdfd7309a9b8537e9dbe69c5e2991eb
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki/commit/d4a552e65bdfd7309a9b8537e9dbe69c5e2991eb
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10959
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10959
7
reference_url https://phabricator.wikimedia.org/T232932
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T232932
8
reference_url https://phabricator.wikimedia.org/T240393
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T240393
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1826079
reference_id 1826079
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1826079
10
reference_url https://github.com/advisories/GHSA-mqhw-wq8p-vf5r
reference_id GHSA-mqhw-wq8p-vf5r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mqhw-wq8p-vf5r
fixed_packages
0
url pkg:composer/mediawiki/core@1.34.0-rc.0
purl pkg:composer/mediawiki/core@1.34.0-rc.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-424y-cjxg-c7az
1
vulnerability VCID-4keq-jcfa-13hc
2
vulnerability VCID-7eba-7gsc-hbfg
3
vulnerability VCID-arzd-7xhw-qqb4
4
vulnerability VCID-azup-qzq7-sbh6
5
vulnerability VCID-jm7q-2w3j-buhh
6
vulnerability VCID-pm5t-23j4-6yh6
7
vulnerability VCID-ujdn-y48t-pbch
8
vulnerability VCID-z9d9-aer5-gfa9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.34.0-rc.0
aliases CVE-2020-10959, GHSA-mqhw-wq8p-vf5r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qyu-z71g-1qbq
2
url VCID-jm7q-2w3j-buhh
vulnerability_id VCID-jm7q-2w3j-buhh
summary 
MediaWiki Denial of Service vulnerability
An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45363
reference_id
reference_type
scores
0
value 0.11025
scoring_system epss
scoring_elements 0.93415
published_at 2026-04-07T12:55:00Z
1
value 0.11025
scoring_system epss
scoring_elements 0.93464
published_at 2026-04-21T12:55:00Z
2
value 0.11025
scoring_system epss
scoring_elements 0.93458
published_at 2026-04-18T12:55:00Z
3
value 0.11025
scoring_system epss
scoring_elements 0.93407
published_at 2026-04-02T12:55:00Z
4
value 0.11025
scoring_system epss
scoring_elements 0.93452
published_at 2026-04-16T12:55:00Z
5
value 0.11025
scoring_system epss
scoring_elements 0.93433
published_at 2026-04-13T12:55:00Z
6
value 0.11025
scoring_system epss
scoring_elements 0.93432
published_at 2026-04-12T12:55:00Z
7
value 0.11025
scoring_system epss
scoring_elements 0.93427
published_at 2026-04-09T12:55:00Z
8
value 0.11025
scoring_system epss
scoring_elements 0.93424
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45363
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
5
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
6
reference_url https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8
7
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
8
reference_url https://phabricator.wikimedia.org/T333050
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://phabricator.wikimedia.org/T333050
9
reference_url https://www.debian.org/security/2023/dsa-5520
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://www.debian.org/security/2023/dsa-5520
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45363
reference_id CVE-2023-45363
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45363
11
reference_url https://github.com/advisories/GHSA-w5fx-cx7f-6vr9
reference_id GHSA-w5fx-cx7f-6vr9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w5fx-cx7f-6vr9
fixed_packages
0
url pkg:composer/mediawiki/core@1.35.12
purl pkg:composer/mediawiki/core@1.35.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.35.12
1
url pkg:composer/mediawiki/core@1.39.5
purl pkg:composer/mediawiki/core@1.39.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.39.5
2
url pkg:composer/mediawiki/core@1.40.1
purl pkg:composer/mediawiki/core@1.40.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.40.1
aliases CVE-2023-45363, GHSA-w5fx-cx7f-6vr9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jm7q-2w3j-buhh
3
url VCID-sf61-byhw-17gv
vulnerability_id VCID-sf61-byhw-17gv
summary 
Mediawiki Improper Privilege Management
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:3142
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3142
1
reference_url https://access.redhat.com/errata/RHSA-2019:3238
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3238
2
reference_url https://access.redhat.com/errata/RHSA-2019:3813
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3813
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0503.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0503.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0503
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.59493
published_at 2026-04-01T12:55:00Z
1
value 0.00383
scoring_system epss
scoring_elements 0.59631
published_at 2026-04-21T12:55:00Z
2
value 0.00383
scoring_system epss
scoring_elements 0.59647
published_at 2026-04-18T12:55:00Z
3
value 0.00383
scoring_system epss
scoring_elements 0.5964
published_at 2026-04-16T12:55:00Z
4
value 0.00383
scoring_system epss
scoring_elements 0.59607
published_at 2026-04-13T12:55:00Z
5
value 0.00383
scoring_system epss
scoring_elements 0.59627
published_at 2026-04-12T12:55:00Z
6
value 0.00383
scoring_system epss
scoring_elements 0.59611
published_at 2026-04-08T12:55:00Z
7
value 0.00383
scoring_system epss
scoring_elements 0.5956
published_at 2026-04-07T12:55:00Z
8
value 0.00383
scoring_system epss
scoring_elements 0.59591
published_at 2026-04-04T12:55:00Z
9
value 0.00383
scoring_system epss
scoring_elements 0.59566
published_at 2026-04-02T12:55:00Z
10
value 0.00383
scoring_system epss
scoring_elements 0.59643
published_at 2026-04-11T12:55:00Z
11
value 0.00383
scoring_system epss
scoring_elements 0.59624
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0503
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0503
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0504
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0505
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0505
8
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
9
reference_url https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
10
reference_url https://phabricator.wikimedia.org/T169545
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T169545
11
reference_url https://www.debian.org/security/2018/dsa-4301
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4301
12
reference_url http://www.securitytracker.com/id/1041695
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1041695
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1634161
reference_id 1634161
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1634161
14
reference_url https://security.archlinux.org/ASA-201809-5
reference_id ASA-201809-5
reference_type
scores
url https://security.archlinux.org/ASA-201809-5
15
reference_url https://security.archlinux.org/AVG-765
reference_id AVG-765
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-765
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0503
reference_id CVE-2018-0503
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-0503
17
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2018-0503.yaml
reference_id CVE-2018-0503.YAML
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2018-0503.yaml
18
reference_url https://github.com/advisories/GHSA-mhfv-9h99-jwg7
reference_id GHSA-mhfv-9h99-jwg7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mhfv-9h99-jwg7
fixed_packages
0
url pkg:composer/mediawiki/core@1.29.3
purl pkg:composer/mediawiki/core@1.29.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7eba-7gsc-hbfg
1
vulnerability VCID-9qyu-z71g-1qbq
2
vulnerability VCID-jm7q-2w3j-buhh
3
vulnerability VCID-z9d9-aer5-gfa9
4
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.29.3
1
url pkg:composer/mediawiki/core@1.30.1
purl pkg:composer/mediawiki/core@1.30.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1697-p35n-fber
1
vulnerability VCID-1866-gt2g-1qfv
2
vulnerability VCID-7eba-7gsc-hbfg
3
vulnerability VCID-9qyu-z71g-1qbq
4
vulnerability VCID-bbef-akjp-a3gp
5
vulnerability VCID-gma6-b9cy-kqee
6
vulnerability VCID-jm7q-2w3j-buhh
7
vulnerability VCID-kjp3-cs2f-t7b4
8
vulnerability VCID-qmx3-kcnd-zuhe
9
vulnerability VCID-tq2e-c9ym-a3hj
10
vulnerability VCID-u2xc-ztge-p3bv
11
vulnerability VCID-yr8d-347g-pugg
12
vulnerability VCID-z9d9-aer5-gfa9
13
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.30.1
2
url pkg:composer/mediawiki/core@1.31.1
purl pkg:composer/mediawiki/core@1.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1697-p35n-fber
1
vulnerability VCID-1866-gt2g-1qfv
2
vulnerability VCID-4keq-jcfa-13hc
3
vulnerability VCID-7eba-7gsc-hbfg
4
vulnerability VCID-9qyu-z71g-1qbq
5
vulnerability VCID-arzd-7xhw-qqb4
6
vulnerability VCID-azup-qzq7-sbh6
7
vulnerability VCID-bbef-akjp-a3gp
8
vulnerability VCID-gma6-b9cy-kqee
9
vulnerability VCID-jm7q-2w3j-buhh
10
vulnerability VCID-kjp3-cs2f-t7b4
11
vulnerability VCID-pm5t-23j4-6yh6
12
vulnerability VCID-qmx3-kcnd-zuhe
13
vulnerability VCID-t6w8-cgct-gbgz
14
vulnerability VCID-tq2e-c9ym-a3hj
15
vulnerability VCID-u2xc-ztge-p3bv
16
vulnerability VCID-ujdn-y48t-pbch
17
vulnerability VCID-yr8d-347g-pugg
18
vulnerability VCID-z9d9-aer5-gfa9
19
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.31.1
aliases CVE-2018-0503, GHSA-mhfv-9h99-jwg7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sf61-byhw-17gv
4
url VCID-v27j-4pnt-n7h9
vulnerability_id VCID-v27j-4pnt-n7h9
summary 
Mediawiki BotPassword can bypass CentralAuth's account lock
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:3142
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3142
1
reference_url https://access.redhat.com/errata/RHSA-2019:3238
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3238
2
reference_url https://access.redhat.com/errata/RHSA-2019:3813
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3813
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0505.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0505.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0505
reference_id
reference_type
scores
0
value 0.00427
scoring_system epss
scoring_elements 0.62309
published_at 2026-04-01T12:55:00Z
1
value 0.00427
scoring_system epss
scoring_elements 0.6245
published_at 2026-04-21T12:55:00Z
2
value 0.00427
scoring_system epss
scoring_elements 0.62466
published_at 2026-04-18T12:55:00Z
3
value 0.00427
scoring_system epss
scoring_elements 0.6246
published_at 2026-04-16T12:55:00Z
4
value 0.00427
scoring_system epss
scoring_elements 0.62415
published_at 2026-04-13T12:55:00Z
5
value 0.00427
scoring_system epss
scoring_elements 0.62437
published_at 2026-04-12T12:55:00Z
6
value 0.00427
scoring_system epss
scoring_elements 0.62411
published_at 2026-04-08T12:55:00Z
7
value 0.00427
scoring_system epss
scoring_elements 0.62362
published_at 2026-04-07T12:55:00Z
8
value 0.00427
scoring_system epss
scoring_elements 0.62397
published_at 2026-04-04T12:55:00Z
9
value 0.00427
scoring_system epss
scoring_elements 0.62367
published_at 2026-04-02T12:55:00Z
10
value 0.00427
scoring_system epss
scoring_elements 0.62447
published_at 2026-04-11T12:55:00Z
11
value 0.00427
scoring_system epss
scoring_elements 0.62428
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0505
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0503
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0504
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0505
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0505
8
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
9
reference_url https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
10
reference_url https://phabricator.wikimedia.org/T194605
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T194605
11
reference_url https://www.debian.org/security/2018/dsa-4301
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4301
12
reference_url http://www.securitytracker.com/id/1041695
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1041695
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1634166
reference_id 1634166
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1634166
14
reference_url https://security.archlinux.org/ASA-201809-5
reference_id ASA-201809-5
reference_type
scores
url https://security.archlinux.org/ASA-201809-5
15
reference_url https://security.archlinux.org/AVG-765
reference_id AVG-765
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-765
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0505
reference_id CVE-2018-0505
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-0505
17
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2018-0505.yaml
reference_id CVE-2018-0505.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2018-0505.yaml
18
reference_url https://github.com/advisories/GHSA-5c6w-f4w2-2grp
reference_id GHSA-5c6w-f4w2-2grp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5c6w-f4w2-2grp
fixed_packages
0
url pkg:composer/mediawiki/core@1.29.3
purl pkg:composer/mediawiki/core@1.29.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7eba-7gsc-hbfg
1
vulnerability VCID-9qyu-z71g-1qbq
2
vulnerability VCID-jm7q-2w3j-buhh
3
vulnerability VCID-z9d9-aer5-gfa9
4
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.29.3
1
url pkg:composer/mediawiki/core@1.30.1
purl pkg:composer/mediawiki/core@1.30.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1697-p35n-fber
1
vulnerability VCID-1866-gt2g-1qfv
2
vulnerability VCID-7eba-7gsc-hbfg
3
vulnerability VCID-9qyu-z71g-1qbq
4
vulnerability VCID-bbef-akjp-a3gp
5
vulnerability VCID-gma6-b9cy-kqee
6
vulnerability VCID-jm7q-2w3j-buhh
7
vulnerability VCID-kjp3-cs2f-t7b4
8
vulnerability VCID-qmx3-kcnd-zuhe
9
vulnerability VCID-tq2e-c9ym-a3hj
10
vulnerability VCID-u2xc-ztge-p3bv
11
vulnerability VCID-yr8d-347g-pugg
12
vulnerability VCID-z9d9-aer5-gfa9
13
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.30.1
2
url pkg:composer/mediawiki/core@1.31.1
purl pkg:composer/mediawiki/core@1.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1697-p35n-fber
1
vulnerability VCID-1866-gt2g-1qfv
2
vulnerability VCID-4keq-jcfa-13hc
3
vulnerability VCID-7eba-7gsc-hbfg
4
vulnerability VCID-9qyu-z71g-1qbq
5
vulnerability VCID-arzd-7xhw-qqb4
6
vulnerability VCID-azup-qzq7-sbh6
7
vulnerability VCID-bbef-akjp-a3gp
8
vulnerability VCID-gma6-b9cy-kqee
9
vulnerability VCID-jm7q-2w3j-buhh
10
vulnerability VCID-kjp3-cs2f-t7b4
11
vulnerability VCID-pm5t-23j4-6yh6
12
vulnerability VCID-qmx3-kcnd-zuhe
13
vulnerability VCID-t6w8-cgct-gbgz
14
vulnerability VCID-tq2e-c9ym-a3hj
15
vulnerability VCID-u2xc-ztge-p3bv
16
vulnerability VCID-ujdn-y48t-pbch
17
vulnerability VCID-yr8d-347g-pugg
18
vulnerability VCID-z9d9-aer5-gfa9
19
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.31.1
aliases CVE-2018-0505, GHSA-5c6w-f4w2-2grp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v27j-4pnt-n7h9
5
url VCID-w3f8-nrqd-p7gq
vulnerability_id VCID-w3f8-nrqd-p7gq
summary 
Mediawiki information disclosure vulnerability
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:3238
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3238
1
reference_url https://access.redhat.com/errata/RHSA-2019:3813
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3813
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0504.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0504.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0504
reference_id
reference_type
scores
0
value 0.01531
scoring_system epss
scoring_elements 0.81353
published_at 2026-04-21T12:55:00Z
1
value 0.01612
scoring_system epss
scoring_elements 0.81702
published_at 2026-04-01T12:55:00Z
2
value 0.01612
scoring_system epss
scoring_elements 0.81805
published_at 2026-04-18T12:55:00Z
3
value 0.01612
scoring_system epss
scoring_elements 0.8176
published_at 2026-04-08T12:55:00Z
4
value 0.01612
scoring_system epss
scoring_elements 0.81733
published_at 2026-04-07T12:55:00Z
5
value 0.01612
scoring_system epss
scoring_elements 0.81736
published_at 2026-04-04T12:55:00Z
6
value 0.01612
scoring_system epss
scoring_elements 0.81713
published_at 2026-04-02T12:55:00Z
7
value 0.01612
scoring_system epss
scoring_elements 0.81804
published_at 2026-04-16T12:55:00Z
8
value 0.01612
scoring_system epss
scoring_elements 0.81767
published_at 2026-04-13T12:55:00Z
9
value 0.01612
scoring_system epss
scoring_elements 0.81772
published_at 2026-04-12T12:55:00Z
10
value 0.01612
scoring_system epss
scoring_elements 0.81784
published_at 2026-04-11T12:55:00Z
11
value 0.01612
scoring_system epss
scoring_elements 0.81765
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0504
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0503
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0504
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0505
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0505
7
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
8
reference_url https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html
9
reference_url https://phabricator.wikimedia.org/T187638
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T187638
10
reference_url https://www.debian.org/security/2018/dsa-4301
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4301
11
reference_url http://www.securitytracker.com/id/1041695
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1041695
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1634168
reference_id 1634168
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1634168
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0504
reference_id CVE-2018-0504
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-0504
14
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2018-0504.yaml
reference_id CVE-2018-0504.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2018-0504.yaml
15
reference_url https://github.com/advisories/GHSA-hr8v-f4g2-p66f
reference_id GHSA-hr8v-f4g2-p66f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hr8v-f4g2-p66f
fixed_packages
0
url pkg:composer/mediawiki/core@1.29.3
purl pkg:composer/mediawiki/core@1.29.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7eba-7gsc-hbfg
1
vulnerability VCID-9qyu-z71g-1qbq
2
vulnerability VCID-jm7q-2w3j-buhh
3
vulnerability VCID-z9d9-aer5-gfa9
4
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.29.3
1
url pkg:composer/mediawiki/core@1.30.1
purl pkg:composer/mediawiki/core@1.30.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1697-p35n-fber
1
vulnerability VCID-1866-gt2g-1qfv
2
vulnerability VCID-7eba-7gsc-hbfg
3
vulnerability VCID-9qyu-z71g-1qbq
4
vulnerability VCID-bbef-akjp-a3gp
5
vulnerability VCID-gma6-b9cy-kqee
6
vulnerability VCID-jm7q-2w3j-buhh
7
vulnerability VCID-kjp3-cs2f-t7b4
8
vulnerability VCID-qmx3-kcnd-zuhe
9
vulnerability VCID-tq2e-c9ym-a3hj
10
vulnerability VCID-u2xc-ztge-p3bv
11
vulnerability VCID-yr8d-347g-pugg
12
vulnerability VCID-z9d9-aer5-gfa9
13
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.30.1
2
url pkg:composer/mediawiki/core@1.31.1
purl pkg:composer/mediawiki/core@1.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1697-p35n-fber
1
vulnerability VCID-1866-gt2g-1qfv
2
vulnerability VCID-4keq-jcfa-13hc
3
vulnerability VCID-7eba-7gsc-hbfg
4
vulnerability VCID-9qyu-z71g-1qbq
5
vulnerability VCID-arzd-7xhw-qqb4
6
vulnerability VCID-azup-qzq7-sbh6
7
vulnerability VCID-bbef-akjp-a3gp
8
vulnerability VCID-gma6-b9cy-kqee
9
vulnerability VCID-jm7q-2w3j-buhh
10
vulnerability VCID-kjp3-cs2f-t7b4
11
vulnerability VCID-pm5t-23j4-6yh6
12
vulnerability VCID-qmx3-kcnd-zuhe
13
vulnerability VCID-t6w8-cgct-gbgz
14
vulnerability VCID-tq2e-c9ym-a3hj
15
vulnerability VCID-u2xc-ztge-p3bv
16
vulnerability VCID-ujdn-y48t-pbch
17
vulnerability VCID-yr8d-347g-pugg
18
vulnerability VCID-z9d9-aer5-gfa9
19
vulnerability VCID-zgdf-mxfn-gbea
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.31.1
aliases CVE-2018-0504, GHSA-hr8v-f4g2-p66f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w3f8-nrqd-p7gq
6
url VCID-z9d9-aer5-gfa9
vulnerability_id VCID-z9d9-aer5-gfa9
summary Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41800.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41800.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41800
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.3925
published_at 2026-04-21T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.39342
published_at 2026-04-08T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39337
published_at 2026-04-18T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39365
published_at 2026-04-16T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.39313
published_at 2026-04-13T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.39331
published_at 2026-04-12T12:55:00Z
6
value 0.00177
scoring_system epss
scoring_elements 0.39164
published_at 2026-04-01T12:55:00Z
7
value 0.00177
scoring_system epss
scoring_elements 0.39371
published_at 2026-04-11T12:55:00Z
8
value 0.00177
scoring_system epss
scoring_elements 0.3935
published_at 2026-04-02T12:55:00Z
9
value 0.00177
scoring_system epss
scoring_elements 0.39374
published_at 2026-04-04T12:55:00Z
10
value 0.00177
scoring_system epss
scoring_elements 0.39287
published_at 2026-04-07T12:55:00Z
11
value 0.00177
scoring_system epss
scoring_elements 0.39359
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41800
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801
7
reference_url https://github.com/wikimedia/mediawiki/commit/781caf83dba90c18349f930bbaaa0e89f003f874
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki/commit/781caf83dba90c18349f930bbaaa0e89f003f874
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX/
14
reference_url https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5
15
reference_url https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/
reference_id
reference_type
scores
url https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41800
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41800
17
reference_url https://phabricator.wikimedia.org/T284419
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T284419
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2009517
reference_id 2009517
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2009517
19
reference_url https://security.archlinux.org/AVG-2434
reference_id AVG-2434
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2434
20
reference_url https://github.com/advisories/GHSA-c8wv-qwwc-6j73
reference_id GHSA-c8wv-qwwc-6j73
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c8wv-qwwc-6j73
21
reference_url https://security.gentoo.org/glsa/202305-24
reference_id GLSA-202305-24
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202305-24
fixed_packages
0
url pkg:composer/mediawiki/core@1.36.2
purl pkg:composer/mediawiki/core@1.36.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jm7q-2w3j-buhh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.36.2
aliases CVE-2021-41800, GHSA-c8wv-qwwc-6j73
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z9d9-aer5-gfa9
7
url VCID-zgdf-mxfn-gbea
vulnerability_id VCID-zgdf-mxfn-gbea
summary 
img_auth.php may leak private extension images into the public cache
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control and Vary headers were mishandled.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15005.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15005
reference_id
reference_type
scores
0
value 0.00737
scoring_system epss
scoring_elements 0.72868
published_at 2026-04-21T12:55:00Z
1
value 0.00737
scoring_system epss
scoring_elements 0.72768
published_at 2026-04-01T12:55:00Z
2
value 0.00737
scoring_system epss
scoring_elements 0.72776
published_at 2026-04-02T12:55:00Z
3
value 0.00737
scoring_system epss
scoring_elements 0.72796
published_at 2026-04-04T12:55:00Z
4
value 0.00737
scoring_system epss
scoring_elements 0.72773
published_at 2026-04-07T12:55:00Z
5
value 0.00737
scoring_system epss
scoring_elements 0.72811
published_at 2026-04-08T12:55:00Z
6
value 0.00737
scoring_system epss
scoring_elements 0.72825
published_at 2026-04-09T12:55:00Z
7
value 0.00737
scoring_system epss
scoring_elements 0.7285
published_at 2026-04-11T12:55:00Z
8
value 0.00737
scoring_system epss
scoring_elements 0.72833
published_at 2026-04-12T12:55:00Z
9
value 0.00737
scoring_system epss
scoring_elements 0.72824
published_at 2026-04-13T12:55:00Z
10
value 0.00737
scoring_system epss
scoring_elements 0.72866
published_at 2026-04-16T12:55:00Z
11
value 0.00737
scoring_system epss
scoring_elements 0.72876
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15005
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
10
reference_url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_31/RELEASE-NOTES-1.31
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_31/RELEASE-NOTES-1.31
11
reference_url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_33/RELEASE-NOTES-1.33
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_33/RELEASE-NOTES-1.33
12
reference_url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_34/RELEASE-NOTES-1.34
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_34/RELEASE-NOTES-1.34
13
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
14
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00034.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00034.html
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEZIMLJMJS72SJXPYL736XMUAVCRQD2H
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEZIMLJMJS72SJXPYL736XMUAVCRQD2H
16
reference_url https://lists.wikimedia.org/pipermail/wikitech-l/2020-June/093535.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/wikitech-l/2020-June/093535.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15005
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15005
18
reference_url https://phabricator.wikimedia.org/T248947
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T248947
19
reference_url https://www.debian.org/security/2020/dsa-4767
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4767
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1851026
reference_id 1851026
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1851026
21
reference_url https://github.com/advisories/GHSA-xpv7-93cm-4mxv
reference_id GHSA-xpv7-93cm-4mxv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xpv7-93cm-4mxv
fixed_packages
0
url pkg:composer/mediawiki/core@1.31.8
purl pkg:composer/mediawiki/core@1.31.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7eba-7gsc-hbfg
1
vulnerability VCID-9qyu-z71g-1qbq
2
vulnerability VCID-arzd-7xhw-qqb4
3
vulnerability VCID-azup-qzq7-sbh6
4
vulnerability VCID-jm7q-2w3j-buhh
5
vulnerability VCID-pm5t-23j4-6yh6
6
vulnerability VCID-ujdn-y48t-pbch
7
vulnerability VCID-z9d9-aer5-gfa9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.31.8
1
url pkg:composer/mediawiki/core@1.33.4
purl pkg:composer/mediawiki/core@1.33.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-424y-cjxg-c7az
1
vulnerability VCID-7eba-7gsc-hbfg
2
vulnerability VCID-9qyu-z71g-1qbq
3
vulnerability VCID-arzd-7xhw-qqb4
4
vulnerability VCID-azup-qzq7-sbh6
5
vulnerability VCID-jm7q-2w3j-buhh
6
vulnerability VCID-pm5t-23j4-6yh6
7
vulnerability VCID-ujdn-y48t-pbch
8
vulnerability VCID-z9d9-aer5-gfa9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.33.4
2
url pkg:composer/mediawiki/core@1.34.2
purl pkg:composer/mediawiki/core@1.34.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-424y-cjxg-c7az
1
vulnerability VCID-7eba-7gsc-hbfg
2
vulnerability VCID-arzd-7xhw-qqb4
3
vulnerability VCID-azup-qzq7-sbh6
4
vulnerability VCID-h8jw-brz8-hkfn
5
vulnerability VCID-jm7q-2w3j-buhh
6
vulnerability VCID-pm5t-23j4-6yh6
7
vulnerability VCID-ujdn-y48t-pbch
8
vulnerability VCID-z9d9-aer5-gfa9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.34.2
aliases CVE-2020-15005, GHSA-xpv7-93cm-4mxv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgdf-mxfn-gbea
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.29.0