Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.11-1~deb11u1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-7eba-7gsc-hbfg X-Forwarded-For header allows brute-forcing autoblocked IP addresses An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header. CVE-2023-29141
GHSA-5vj8-g3qg-4qh6
VCID-9g1g-z7d8-c7ah Regular Expression Denial of Service in papaparse Versions of `papaparse` prior to 5.2.0 are vulnerable to Regular Expression Denial of Service (ReDos). The `parse` function contains a malformed regular expression that takes exponentially longer to process non-numerical inputs. This allows attackers to stall systems and lead to Denial of Service. ## Recommendation Upgrade to version 5.2.0 or later. CVE-2020-36649
GHSA-qvjc-g5vr-mfgr
GMS-2020-421
VCID-b8r6-r39r-3ffm MediaWiki: Manualthumb bypasses badFile lookup CVE-2023-36674
VCID-jwkd-wdus-6ygg Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service. CVE-2022-47927
VCID-ruur-4cvx-cqct mediawiki: cross site scripting CVE-2023-36675

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T10:01:06.099082+00:00 Debian Importer Fixing VCID-b8r6-r39r-3ffm https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:55:39.593578+00:00 Debian Importer Fixing VCID-7eba-7gsc-hbfg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:25:21.693949+00:00 Debian Importer Fixing VCID-jwkd-wdus-6ygg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:07:58.766686+00:00 Debian Importer Fixing VCID-9g1g-z7d8-c7ah https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:52:36.281216+00:00 Debian Importer Fixing VCID-ruur-4cvx-cqct https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-12T18:14:30.597847+00:00 Debian Importer Fixing VCID-b8r6-r39r-3ffm https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T18:14:30.471724+00:00 Debian Importer Fixing VCID-7eba-7gsc-hbfg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:17:18.988193+00:00 Debian Importer Fixing VCID-jwkd-wdus-6ygg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:07:01.390732+00:00 Debian Importer Fixing VCID-9g1g-z7d8-c7ah https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:57:30.870368+00:00 Debian Importer Fixing VCID-ruur-4cvx-cqct https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:45:51.319110+00:00 Debian Importer Fixing VCID-ruur-4cvx-cqct https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:51.257761+00:00 Debian Importer Fixing VCID-b8r6-r39r-3ffm https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:51.131733+00:00 Debian Importer Fixing VCID-7eba-7gsc-hbfg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:51.076652+00:00 Debian Importer Fixing VCID-jwkd-wdus-6ygg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.081579+00:00 Debian Importer Fixing VCID-9g1g-z7d8-c7ah https://security-tracker.debian.org/tracker/data/json 38.1.0