Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie

Type deb

Namespace debian

Name mediawiki

Version 1:1.39.4-1~deb12u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:1.39.4-1

Latest_non_vulnerable_version 1:1.43.8+dfsg-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7eba-7gsc-hbfg

vulnerability_id VCID-7eba-7gsc-hbfg

summary

X-Forwarded-For header allows brute-forcing autoblocked IP addresses
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-29141

reference_id

reference_type

scores

value	0.00251
scoring_system	epss
scoring_elements	0.48447
published_at	2026-04-12T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48449
published_at	2026-04-09T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48509
published_at	2026-04-16T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48459
published_at	2026-04-13T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48473
published_at	2026-04-11T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48426
published_at	2026-04-02T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48448
published_at	2026-04-04T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48401
published_at	2026-04-07T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48455
published_at	2026-04-08T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52609
published_at	2026-04-18T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52594
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-29141

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675

reference_url

https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/

url

https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39

reference_url

https://github.com/wikimedia/mediawiki

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/wikimedia/mediawiki

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7

reference_url

https://phabricator.wikimedia.org/T285159

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/

url

https://phabricator.wikimedia.org/T285159

reference_url

https://www.debian.org/security/2023/dsa-5447

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/

url

https://www.debian.org/security/2023/dsa-5447

reference_url

https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10

reference_url

https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6

reference_url

https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2183627
reference_id	2183627
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2183627

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-29141

reference_id

CVE-2023-29141

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-29141

reference_url

https://github.com/advisories/GHSA-5vj8-g3qg-4qh6

reference_id

GHSA-5vj8-g3qg-4qh6

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5vj8-g3qg-4qh6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/

reference_id

ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/

reference_id

ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2023-29141, GHSA-5vj8-g3qg-4qh6

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7eba-7gsc-hbfg

url VCID-9g1g-z7d8-c7ah

vulnerability_id VCID-9g1g-z7d8-c7ah

summary

Regular Expression Denial of Service in papaparse
Versions of `papaparse` prior to 5.2.0 are vulnerable to Regular Expression Denial of Service (ReDos). The `parse` function contains a malformed regular expression that takes exponentially longer to process non-numerical inputs. This allows attackers to stall systems and lead to Denial of Service.


## Recommendation

Upgrade to version 5.2.0 or later.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36649.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36649.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36649

reference_id

reference_type

scores

value	0.00427
scoring_system	epss
scoring_elements	0.62458
published_at	2026-04-21T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.6237
published_at	2026-04-07T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62474
published_at	2026-04-18T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62467
published_at	2026-04-16T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62423
published_at	2026-04-13T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62445
published_at	2026-04-12T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62455
published_at	2026-04-11T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62436
published_at	2026-04-09T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62317
published_at	2026-04-01T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62375
published_at	2026-04-02T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62405
published_at	2026-04-04T12:55:00Z

value	0.00427
scoring_system	epss
scoring_elements	0.62419
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36649

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36649
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36649

reference_url

https://github.com/mholt/PapaParse

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mholt/PapaParse

reference_url

https://github.com/mholt/PapaParse/commit/235a12758cd77266d2e98fd715f53536b34ad621

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mholt/PapaParse/commit/235a12758cd77266d2e98fd715f53536b34ad621

reference_url

https://github.com/mholt/PapaParse/issues/777

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mholt/PapaParse/issues/777

reference_url

https://github.com/mholt/PapaParse/pull/779

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mholt/PapaParse/pull/779

reference_url

https://github.com/mholt/PapaParse/releases/tag/5.2.0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mholt/PapaParse/releases/tag/5.2.0

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-36649

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-36649

reference_url

https://snyk.io/vuln/SNYK-JS-PAPAPARSE-564258

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-PAPAPARSE-564258

reference_url

https://vuldb.com/?ctiid.218004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://vuldb.com/?ctiid.218004

reference_url

https://vuldb.com/?id.218004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://vuldb.com/?id.218004

reference_url	https://www.npmjs.com/advisories/1515
reference_id
reference_type
scores
url	https://www.npmjs.com/advisories/1515

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2160359
reference_id	2160359
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2160359

reference_url

https://github.com/advisories/GHSA-qvjc-g5vr-mfgr

reference_id

GHSA-qvjc-g5vr-mfgr

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qvjc-g5vr-mfgr

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2020-36649, GHSA-qvjc-g5vr-mfgr, GMS-2020-421

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9g1g-z7d8-c7ah

url VCID-b8r6-r39r-3ffm

vulnerability_id VCID-b8r6-r39r-3ffm

summary MediaWiki: Manualthumb bypasses badFile lookup

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36674.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36674.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-36674

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13455
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13321
published_at	2026-04-21T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13383
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13336
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13243
published_at	2026-04-16T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13241
published_at	2026-04-18T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13518
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13312
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13394
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13444
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13418
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-36674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2233116
reference_id	2233116
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2233116

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/

reference_id

2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/

reference_id

6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/

reference_id

DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/

reference_url

https://phabricator.wikimedia.org/T335612

reference_id

T335612

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/

url

https://phabricator.wikimedia.org/T335612

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2023-36674

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8r6-r39r-3ffm

url VCID-ruur-4cvx-cqct

vulnerability_id VCID-ruur-4cvx-cqct

summary mediawiki: cross site scripting

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36675.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36675.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-36675

reference_id

reference_type

scores

value	0.00526
scoring_system	epss
scoring_elements	0.66994
published_at	2026-04-02T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67057
published_at	2026-04-21T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67055
published_at	2026-04-09T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67074
published_at	2026-04-11T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.6706
published_at	2026-04-12T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67029
published_at	2026-04-13T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67062
published_at	2026-04-16T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67076
published_at	2026-04-18T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67019
published_at	2026-04-04T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.66993
published_at	2026-04-07T12:55:00Z

value	0.00526
scoring_system	epss
scoring_elements	0.67042
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-36675

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675

reference_url

https://www.mediawiki.org/wiki/Release_notes/1.40#Other_changes_in_1.40

reference_id

1.40#Other_changes_in_1.40

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/

url

https://www.mediawiki.org/wiki/Release_notes/1.40#Other_changes_in_1.40

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2217428
reference_id	2217428
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2217428

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/

reference_id

2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/

reference_id

6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/

reference_id

DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/

reference_url

https://phabricator.wikimedia.org/T332889

reference_id

T332889

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/

url

https://phabricator.wikimedia.org/T332889

fixed_packages

url	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.39.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2023-36675

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ruur-4cvx-cqct

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.4-1~deb12u1%3Fdistro=trixie

Package Instance