Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie

Type deb

Namespace debian

Name mediawiki

Version 1:1.43.6+dfsg-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:1.43.6+dfsg-2

Latest_non_vulnerable_version 1:1.43.8+dfsg-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3zue-5ccg-23hs

vulnerability_id VCID-3zue-5ccg-23hs

summary Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67480

reference_id

reference_type

scores

value	0.00067
scoring_system	epss
scoring_elements	0.20645
published_at	2026-04-18T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20636
published_at	2026-04-21T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20647
published_at	2026-04-16T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33244
published_at	2026-04-08T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33338
published_at	2026-04-02T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33283
published_at	2026-04-11T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33279
published_at	2026-04-09T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.3337
published_at	2026-04-04T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33202
published_at	2026-04-07T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.365
published_at	2026-04-13T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36524
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480

reference_url

https://phabricator.wikimedia.org/T401053

reference_id

T401053

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:01:49Z/

url

https://phabricator.wikimedia.org/T401053

fixed_packages

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67480

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3zue-5ccg-23hs

url VCID-m7uw-sa5j-u3bw

vulnerability_id VCID-m7uw-sa5j-u3bw

summary Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67481

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01314
published_at	2026-04-11T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01999
published_at	2026-04-21T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01915
published_at	2026-04-18T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01941
published_at	2026-04-12T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01935
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05791
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0573
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05726
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05765
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05689
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481

reference_url

https://phabricator.wikimedia.org/T251032

reference_id

T251032

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:13Z/

url

https://phabricator.wikimedia.org/T251032

fixed_packages

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67481

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7uw-sa5j-u3bw

url VCID-n22t-95dq-p7hr

vulnerability_id VCID-n22t-95dq-p7hr

summary MediaWiki: MediaWiki: Cross-site scripting vulnerability in page preview functionality

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67483.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67483.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67483

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01314
published_at	2026-04-11T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01999
published_at	2026-04-21T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01941
published_at	2026-04-12T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01935
published_at	2026-04-13T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01915
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05689
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05791
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0573
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05726
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05765
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67483

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2436188
reference_id	2436188
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2436188

reference_url

https://phabricator.wikimedia.org/T409226

reference_id

T409226

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:02:18Z/

url

https://phabricator.wikimedia.org/T409226

fixed_packages

url	pkg:deb/debian/mediawiki@0?distro=trixie
purl	pkg:deb/debian/mediawiki@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67483

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n22t-95dq-p7hr

url VCID-qpgu-mg6m-vyef

vulnerability_id VCID-qpgu-mg6m-vyef

summary Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C. This issue affects Scribunto: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1; luasandbox: from * before fea2304f8f6ab30314369a612f4f5b165e68e95a.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67482

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05245
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05277
published_at	2026-04-04T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05303
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05337
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05359
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05326
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05497
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0567
published_at	2026-04-21T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05507
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05554
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05547
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67482

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482

reference_url

https://phabricator.wikimedia.org/T408135

reference_id

T408135

reference_type

scores

value	1.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:14Z/

url

https://phabricator.wikimedia.org/T408135

fixed_packages

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67482

risk_score 0.5

exploitability 0.5

weighted_severity 1.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpgu-mg6m-vyef

url VCID-s9d6-rtuj-u3hy

vulnerability_id VCID-s9d6-rtuj-u3hy

summary MediaWiki: MediaWiki: Cross-site Scripting vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67477.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67477.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67477

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01314
published_at	2026-04-11T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01999
published_at	2026-04-21T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01941
published_at	2026-04-12T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01935
published_at	2026-04-13T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01915
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05689
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05791
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0573
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05726
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05765
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67477

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2436175
reference_id	2436175
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2436175

reference_url

https://phabricator.wikimedia.org/T406639

reference_id

T406639

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:18Z/

url

https://phabricator.wikimedia.org/T406639

fixed_packages

url	pkg:deb/debian/mediawiki@0?distro=trixie
purl	pkg:deb/debian/mediawiki@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67477

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s9d6-rtuj-u3hy

url VCID-tutk-y8jg-n7dh

vulnerability_id VCID-tutk-y8jg-n7dh

summary Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67478

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05376
published_at	2026-04-18T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.0554
published_at	2026-04-21T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05372
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05583
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0551
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05579
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05607
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05546
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05545
published_at	2026-04-07T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05811
published_at	2026-04-13T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05818
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478

reference_url

https://phabricator.wikimedia.org/T385403

reference_id

T385403

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:08Z/

url

https://phabricator.wikimedia.org/T385403

fixed_packages

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67478

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tutk-y8jg-n7dh

url VCID-v3dp-7stt-tygf

vulnerability_id VCID-v3dp-7stt-tygf

summary MediaWiki: MediaWiki: Cross-site Scripting vulnerability due to improper input neutralization

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67475

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01642
published_at	2026-04-11T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02532
published_at	2026-04-21T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02443
published_at	2026-04-13T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02425
published_at	2026-04-16T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02432
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06192
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06288
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06223
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06203
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06247
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2436176
reference_id	2436176
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2436176

reference_url

https://phabricator.wikimedia.org/T406664

reference_id

T406664

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:07Z/

url

https://phabricator.wikimedia.org/T406664

fixed_packages

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67475

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3dp-7stt-tygf

url VCID-wraf-59ce-u3br

vulnerability_id VCID-wraf-59ce-u3br

summary MediaWiki: MediaWiki: Vulnerability in parsing and sanitization

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67479

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05245
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05277
published_at	2026-04-04T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05303
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05337
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05359
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05326
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05497
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0567
published_at	2026-04-21T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05507
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05554
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05547
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2436184
reference_id	2436184
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2436184

reference_url

https://phabricator.wikimedia.org/T407131

reference_id

T407131

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:19Z/

url

https://phabricator.wikimedia.org/T407131

fixed_packages

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67479

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wraf-59ce-u3br

url VCID-z8qp-v64u-tuh8

vulnerability_id VCID-z8qp-v64u-tuh8

summary MediaWiki: MediaWiki: Vulnerability in ApiFormatXml.Php requiring high privileges

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-67484

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.09518
published_at	2026-04-21T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09366
published_at	2026-04-16T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09368
published_at	2026-04-18T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09879
published_at	2026-04-07T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09933
published_at	2026-04-02T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09954
published_at	2026-04-08T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.10004
published_at	2026-04-09T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.10019
published_at	2026-04-11T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09981
published_at	2026-04-04T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12073
published_at	2026-04-12T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12043
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-67484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2436190
reference_id	2436190
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2436190

reference_url

https://phabricator.wikimedia.org/T401995

reference_id

T401995

reference_type

scores

value	0
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:02:03Z/

url

https://phabricator.wikimedia.org/T401995

fixed_packages

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7831-8u7z-6fep

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-buwp-69zb-93hs

vulnerability	VCID-cbtm-g4t5-u3am

vulnerability	VCID-d5vz-puw9-t7er

vulnerability	VCID-kw32-af5a-hqg8

vulnerability	VCID-q7k6-59z5-d7a7

vulnerability	VCID-wktm-ya6k-v7dv

vulnerability	VCID-x8t7-agtn-zudu

vulnerability	VCID-xdct-ca96-3uat

vulnerability	VCID-zmax-894d-5kfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kw32-af5a-hqg8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2025-67484

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8qp-v64u-tuh8

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie

Package Instance