VulnerableCode Package Details - pkg:alpm/archlinux/mediawiki@1.31.1-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/mediawiki@1.31.1-1

Essentials
History (3)

purl	pkg:alpm/archlinux/mediawiki@1.31.1-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-35t3-tu86-nugv	Mediawiki tarball is missing .htaccess files Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible.	CVE-2018-13258 GHSA-2c28-7gwv-cpgf
VCID-sf61-byhw-17gv	Mediawiki Improper Privilege Management Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.	CVE-2018-0503 GHSA-mhfv-9h99-jwg7
VCID-v27j-4pnt-n7h9	Mediawiki BotPassword can bypass CentralAuth's account lock Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock	CVE-2018-0505 GHSA-5c6w-f4w2-2grp

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:27:04.316114+00:00	Arch Linux Importer	Fixing	VCID-sf61-byhw-17gv	https://security.archlinux.org/AVG-765	38.0.0
2026-04-01T18:27:04.287731+00:00	Arch Linux Importer	Fixing	VCID-v27j-4pnt-n7h9	https://security.archlinux.org/AVG-765	38.0.0
2026-04-01T18:27:04.202772+00:00	Arch Linux Importer	Fixing	VCID-35t3-tu86-nugv	https://security.archlinux.org/AVG-765	38.0.0