Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/mediawiki/core@1.38.0-rc.1
purl pkg:composer/mediawiki/core@1.38.0-rc.1
Next non-vulnerable version 1.39.5
Latest non-vulnerable version 1.40.1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-jm7q-2w3j-buhh
Aliases:
CVE-2023-45363
GHSA-w5fx-cx7f-6vr9
MediaWiki Denial of Service vulnerability An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set.
1.39.5
Affected by 0 other vulnerabilities.
1.40.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:40:13.629450+00:00 GitLab Importer Affected by VCID-jm7q-2w3j-buhh https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/mediawiki/core/CVE-2023-45363.yml 38.4.0
2026-04-11T23:59:40.805749+00:00 GitLab Importer Affected by VCID-jm7q-2w3j-buhh https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/mediawiki/core/CVE-2023-45363.yml 38.3.0
2026-04-03T00:02:44.466361+00:00 GitLab Importer Affected by VCID-jm7q-2w3j-buhh https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/mediawiki/core/CVE-2023-45363.yml 38.1.0