Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/mediawiki@1:1.15.5-4?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.15.5-4?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-41dt-sag4-tbc8 MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter. CVE-2011-4360
VCID-edpm-d35f-qfch MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an extension, as demonstrated by the CategoryTree, ExtTab, and InlineEditor extensions. CVE-2011-4361

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T09:56:25.866972+00:00 Debian Importer Fixing VCID-41dt-sag4-tbc8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:32:00.025838+00:00 Debian Importer Fixing VCID-edpm-d35f-qfch https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-12T18:14:22.485431+00:00 Debian Importer Fixing VCID-41dt-sag4-tbc8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T17:48:53.472755+00:00 Debian Importer Fixing VCID-edpm-d35f-qfch https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:45:42.116520+00:00 Debian Importer Fixing VCID-edpm-d35f-qfch https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:42.060355+00:00 Debian Importer Fixing VCID-41dt-sag4-tbc8 https://security-tracker.debian.org/tracker/data/json 38.1.0