Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie

Type deb

Namespace debian

Name mediawiki

Version 1:1.19.2-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:1.19.3-1

Latest_non_vulnerable_version 1:1.43.8+dfsg-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-e9pq-ynp8-nygx

vulnerability_id VCID-e9pq-ynp8-nygx

summary MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-4382

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52264
published_at	2026-04-21T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52281
published_at	2026-04-18T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52133
published_at	2026-04-01T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52177
published_at	2026-04-02T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52205
published_at	2026-04-04T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5217
published_at	2026-04-07T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52223
published_at	2026-04-08T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52219
published_at	2026-04-09T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5227
published_at	2026-04-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52254
published_at	2026-04-12T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52239
published_at	2026-04-13T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52278
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-4382

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4382

reference_url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html
reference_id
reference_type
scores
url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html

reference_url	https://phabricator.wikimedia.org/T41823
reference_id
reference_type
scores
url	https://phabricator.wikimedia.org/T41823

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/10

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::
reference_id	cpe:2.3:a:mediawiki:mediawiki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-4382

reference_id

CVE-2012-4382

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-4382

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-4382

risk_score 2.2

exploitability 0.5

weighted_severity 4.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e9pq-ynp8-nygx

url VCID-fm5x-32wy-57e3

vulnerability_id VCID-fm5x-32wy-57e3

summary MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-4379

reference_id

reference_type

scores

value	0.00429
scoring_system	epss
scoring_elements	0.62543
published_at	2026-04-21T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62561
published_at	2026-04-18T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62405
published_at	2026-04-01T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62463
published_at	2026-04-02T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62494
published_at	2026-04-04T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62461
published_at	2026-04-07T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62513
published_at	2026-04-08T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62529
published_at	2026-04-09T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62548
published_at	2026-04-11T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62537
published_at	2026-04-12T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62514
published_at	2026-04-13T12:55:00Z

value	0.00429
scoring_system	epss
scoring_elements	0.62555
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-4379

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=853426
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=853426

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4379

reference_url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html
reference_id
reference_type
scores
url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html

reference_url	https://phabricator.wikimedia.org/T41180
reference_id
reference_type
scores
url	https://phabricator.wikimedia.org/T41180

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/10

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::
reference_id	cpe:2.3:a:mediawiki:mediawiki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-4379

reference_id

CVE-2012-4379

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-4379

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-4379

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fm5x-32wy-57e3

url VCID-fsk6-nkuk-wqa3

vulnerability_id VCID-fsk6-nkuk-wqa3

summary Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web script or HTML via the userlang parameter to w/index.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-4378

reference_id

reference_type

scores

value	0.00507
scoring_system	epss
scoring_elements	0.66308
published_at	2026-04-21T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66323
published_at	2026-04-18T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66198
published_at	2026-04-01T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66239
published_at	2026-04-02T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66265
published_at	2026-04-04T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66235
published_at	2026-04-07T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66283
published_at	2026-04-08T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66296
published_at	2026-04-09T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66316
published_at	2026-04-11T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66303
published_at	2026-04-12T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66272
published_at	2026-04-13T12:55:00Z

value	0.00507
scoring_system	epss
scoring_elements	0.66306
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-4378

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=853417
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=853417

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4378

reference_url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html
reference_id
reference_type
scores
url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html

reference_url	https://phabricator.wikimedia.org/T39587
reference_id
reference_type
scores
url	https://phabricator.wikimedia.org/T39587

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/10

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::
reference_id	cpe:2.3:a:mediawiki:mediawiki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-4378

reference_id

CVE-2012-4378

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-4378

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-4378

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fsk6-nkuk-wqa3

url VCID-m5a4-k87e-skaq

vulnerability_id VCID-m5a4-k87e-skaq

summary Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-4377

reference_id

reference_type

scores

value	0.00998
scoring_system	epss
scoring_elements	0.76996
published_at	2026-04-21T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.77004
published_at	2026-04-18T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76895
published_at	2026-04-01T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76902
published_at	2026-04-02T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76932
published_at	2026-04-04T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76915
published_at	2026-04-07T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76947
published_at	2026-04-08T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76958
published_at	2026-04-09T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76986
published_at	2026-04-11T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.76965
published_at	2026-04-12T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.7696
published_at	2026-04-13T12:55:00Z

value	0.00998
scoring_system	epss
scoring_elements	0.77001
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-4377

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=853409
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=853409

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4377

reference_url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html
reference_id
reference_type
scores
url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html

reference_url	https://phabricator.wikimedia.org/T41700
reference_id
reference_type
scores
url	https://phabricator.wikimedia.org/T41700

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/10

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::
reference_id	cpe:2.3:a:mediawiki:mediawiki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-4377

reference_id

CVE-2012-4377

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-4377

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-4377

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5a4-k87e-skaq

url VCID-pqtu-ce8a-q7bk

vulnerability_id VCID-pqtu-ce8a-q7bk

summary MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-4381

reference_id

reference_type

scores

value	0.03103
scoring_system	epss
scoring_elements	0.86748
published_at	2026-04-01T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86758
published_at	2026-04-02T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86778
published_at	2026-04-04T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86775
published_at	2026-04-07T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86795
published_at	2026-04-08T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86804
published_at	2026-04-09T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86817
published_at	2026-04-11T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86813
published_at	2026-04-12T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86809
published_at	2026-04-13T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86824
published_at	2026-04-16T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86829
published_at	2026-04-18T12:55:00Z

value	0.03103
scoring_system	epss
scoring_elements	0.86828
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-4381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4381

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-4381

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqtu-ce8a-q7bk

url VCID-rjz9-twh9-wkaa

vulnerability_id VCID-rjz9-twh9-wkaa

summary MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-4380

reference_id

reference_type

scores

value	0.00552
scoring_system	epss
scoring_elements	0.68043
published_at	2026-04-21T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.6806
published_at	2026-04-18T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.67949
published_at	2026-04-01T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.67971
published_at	2026-04-02T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.6799
published_at	2026-04-04T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.67969
published_at	2026-04-07T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.6802
published_at	2026-04-08T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.68034
published_at	2026-04-09T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.68058
published_at	2026-04-11T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.68044
published_at	2026-04-12T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.6801
published_at	2026-04-13T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.68047
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-4380

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=853440
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=853440

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4380

reference_url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html
reference_id
reference_type
scores
url	https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html

reference_url	https://phabricator.wikimedia.org/T41824
reference_id
reference_type
scores
url	https://phabricator.wikimedia.org/T41824

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/10

reference_url	http://www.openwall.com/lists/oss-security/2012/08/31/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/08/31/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::
reference_id	cpe:2.3:a:mediawiki:mediawiki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_id	cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-4380

reference_id

CVE-2012-4380

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-4380

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-4380

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjz9-twh9-wkaa

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie

Package Instance