Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
Typedeb
Namespacedebian
Namemediawiki
Version1:1.35.13-1~deb11u1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:1.35.13-1+deb11u3
Latest_non_vulnerable_version1:1.43.8+dfsg-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2xja-2whv-fqe4
vulnerability_id VCID-2xja-2whv-fqe4
summary mediawiki: diff-multi-sameuser ("X intermediate revisions by the same user not shown") ignores username suppression
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45362.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45362.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45362
reference_id
reference_type
scores
0
value 0.00392
scoring_system epss
scoring_elements 0.60186
published_at 2026-04-02T12:55:00Z
1
value 0.00392
scoring_system epss
scoring_elements 0.60211
published_at 2026-04-04T12:55:00Z
2
value 0.00392
scoring_system epss
scoring_elements 0.6018
published_at 2026-04-07T12:55:00Z
3
value 0.00392
scoring_system epss
scoring_elements 0.6023
published_at 2026-04-08T12:55:00Z
4
value 0.00392
scoring_system epss
scoring_elements 0.60244
published_at 2026-04-09T12:55:00Z
5
value 0.00392
scoring_system epss
scoring_elements 0.60265
published_at 2026-04-11T12:55:00Z
6
value 0.00392
scoring_system epss
scoring_elements 0.60251
published_at 2026-04-12T12:55:00Z
7
value 0.00392
scoring_system epss
scoring_elements 0.60234
published_at 2026-04-13T12:55:00Z
8
value 0.00392
scoring_system epss
scoring_elements 0.60273
published_at 2026-04-16T12:55:00Z
9
value 0.00392
scoring_system epss
scoring_elements 0.60281
published_at 2026-04-18T12:55:00Z
10
value 0.00392
scoring_system epss
scoring_elements 0.60267
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45362
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247805
reference_id 2247805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2247805
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
7
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
8
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2023-45362
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xja-2whv-fqe4
1
url VCID-ea7c-xk4h-13fs
vulnerability_id VCID-ea7c-xk4h-13fs
summary mediawiki: stored XSS leads to privilege escalation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3550.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3550.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3550
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.4022
published_at 2026-04-08T12:55:00Z
1
value 0.00185
scoring_system epss
scoring_elements 0.40127
published_at 2026-04-21T12:55:00Z
2
value 0.00185
scoring_system epss
scoring_elements 0.40245
published_at 2026-04-04T12:55:00Z
3
value 0.00185
scoring_system epss
scoring_elements 0.40167
published_at 2026-04-07T12:55:00Z
4
value 0.00185
scoring_system epss
scoring_elements 0.40231
published_at 2026-04-09T12:55:00Z
5
value 0.00185
scoring_system epss
scoring_elements 0.40244
published_at 2026-04-11T12:55:00Z
6
value 0.00185
scoring_system epss
scoring_elements 0.40205
published_at 2026-04-18T12:55:00Z
7
value 0.00185
scoring_system epss
scoring_elements 0.40187
published_at 2026-04-13T12:55:00Z
8
value 0.00185
scoring_system epss
scoring_elements 0.40235
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3550
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240807
reference_id 2240807
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240807
7
reference_url https://fluidattacks.com/advisories/blondie/
reference_id blondie
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T15:57:17Z/
url https://fluidattacks.com/advisories/blondie/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/
reference_id FU2FGUXXK6TMV6R52VRECLC6XCSQQISY
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T15:57:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/
9
reference_url https://www.mediawiki.org/wiki/MediaWiki/
reference_id MediaWiki
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T15:57:17Z/
url https://www.mediawiki.org/wiki/MediaWiki/
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
7
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
8
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2023-3550
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ea7c-xk4h-13fs
2
url VCID-jm7q-2w3j-buhh
vulnerability_id VCID-jm7q-2w3j-buhh
summary 
MediaWiki Denial of Service vulnerability
An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45363
reference_id
reference_type
scores
0
value 0.11025
scoring_system epss
scoring_elements 0.93415
published_at 2026-04-07T12:55:00Z
1
value 0.11025
scoring_system epss
scoring_elements 0.93464
published_at 2026-04-21T12:55:00Z
2
value 0.11025
scoring_system epss
scoring_elements 0.93458
published_at 2026-04-18T12:55:00Z
3
value 0.11025
scoring_system epss
scoring_elements 0.93407
published_at 2026-04-02T12:55:00Z
4
value 0.11025
scoring_system epss
scoring_elements 0.93452
published_at 2026-04-16T12:55:00Z
5
value 0.11025
scoring_system epss
scoring_elements 0.93433
published_at 2026-04-13T12:55:00Z
6
value 0.11025
scoring_system epss
scoring_elements 0.93432
published_at 2026-04-12T12:55:00Z
7
value 0.11025
scoring_system epss
scoring_elements 0.93427
published_at 2026-04-09T12:55:00Z
8
value 0.11025
scoring_system epss
scoring_elements 0.93424
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45363
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
5
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
6
reference_url https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8
7
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
8
reference_url https://phabricator.wikimedia.org/T333050
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://phabricator.wikimedia.org/T333050
9
reference_url https://www.debian.org/security/2023/dsa-5520
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/
url https://www.debian.org/security/2023/dsa-5520
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45363
reference_id CVE-2023-45363
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45363
11
reference_url https://github.com/advisories/GHSA-w5fx-cx7f-6vr9
reference_id GHSA-w5fx-cx7f-6vr9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w5fx-cx7f-6vr9
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
7
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
8
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2023-45363, GHSA-w5fx-cx7f-6vr9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jm7q-2w3j-buhh
3
url VCID-zj5a-p9u4-ducw
vulnerability_id VCID-zj5a-p9u4-ducw
summary mediawiki: XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45360.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45360.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45360
reference_id
reference_type
scores
0
value 0.00393
scoring_system epss
scoring_elements 0.60318
published_at 2026-04-21T12:55:00Z
1
value 0.00393
scoring_system epss
scoring_elements 0.60283
published_at 2026-04-13T12:55:00Z
2
value 0.00393
scoring_system epss
scoring_elements 0.60323
published_at 2026-04-16T12:55:00Z
3
value 0.00393
scoring_system epss
scoring_elements 0.6033
published_at 2026-04-18T12:55:00Z
4
value 0.00393
scoring_system epss
scoring_elements 0.60236
published_at 2026-04-02T12:55:00Z
5
value 0.00393
scoring_system epss
scoring_elements 0.60262
published_at 2026-04-04T12:55:00Z
6
value 0.00393
scoring_system epss
scoring_elements 0.60229
published_at 2026-04-07T12:55:00Z
7
value 0.00393
scoring_system epss
scoring_elements 0.60279
published_at 2026-04-08T12:55:00Z
8
value 0.00393
scoring_system epss
scoring_elements 0.60294
published_at 2026-04-09T12:55:00Z
9
value 0.00393
scoring_system epss
scoring_elements 0.60314
published_at 2026-04-11T12:55:00Z
10
value 0.00393
scoring_system epss
scoring_elements 0.60301
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247803
reference_id 2247803
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2247803
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/
reference_id FU2FGUXXK6TMV6R52VRECLC6XCSQQISY
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T14:08:22Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/
8
reference_url https://phabricator.wikimedia.org/T340221
reference_id T340221
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T14:08:22Z/
url https://phabricator.wikimedia.org/T340221
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.5-1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
7
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
8
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2023-45360
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zj5a-p9u4-ducw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1~deb11u1%3Fdistro=trixie