Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/mediawiki@1:1.31.7-1?distro=trixie
Typedeb
Namespacedebian
Namemediawiki
Version1:1.31.7-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:1.31.8-1
Latest_non_vulnerable_version1:1.43.8+dfsg-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-at9r-vw7p-6bfv
vulnerability_id VCID-at9r-vw7p-6bfv
summary 
MediaWiki makeCollapsible allows applying event handler to any CSS selector
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event handler to any Cascading Style Sheets (CSS) selector. There is no known way to exploit this for cross-site scripting (XSS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10960.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10960.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10960
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43324
published_at 2026-04-21T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.43333
published_at 2026-04-02T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43361
published_at 2026-04-04T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43299
published_at 2026-04-07T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43351
published_at 2026-04-08T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43365
published_at 2026-04-09T12:55:00Z
6
value 0.00209
scoring_system epss
scoring_elements 0.43386
published_at 2026-04-11T12:55:00Z
7
value 0.00209
scoring_system epss
scoring_elements 0.43355
published_at 2026-04-12T12:55:00Z
8
value 0.00209
scoring_system epss
scoring_elements 0.43339
published_at 2026-04-13T12:55:00Z
9
value 0.00209
scoring_system epss
scoring_elements 0.43399
published_at 2026-04-16T12:55:00Z
10
value 0.00209
scoring_system epss
scoring_elements 0.43389
published_at 2026-04-18T12:55:00Z
11
value 0.00209
scoring_system epss
scoring_elements 0.43275
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10960
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-10960.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-10960.yaml
4
reference_url https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10960
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10960
6
reference_url https://phabricator.wikimedia.org/T246602
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T246602
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1826076
reference_id 1826076
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1826076
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
9
reference_url https://github.com/advisories/GHSA-pfm2-mqwj-ggm5
reference_id GHSA-pfm2-mqwj-ggm5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pfm2-mqwj-ggm5
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.31.7-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.31.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.7-1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2020-10960, GHSA-pfm2-mqwj-ggm5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-at9r-vw7p-6bfv
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.7-1%3Fdistro=trixie