Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (10)
Vulnerability Summary Aliases
VCID-1na8-nyq1-yfcy An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. CVE-2021-20270
GHSA-9w8r-397f-prfh
PYSEC-2021-140
VCID-32f4-khen-3yez Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition. CVE-2021-30159
VCID-6ads-gs3n-dubh Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition. CVE-2021-30458
GHSA-5pqx-77vf-85rw
VCID-7m3q-wuh7-k7fn Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition. CVE-2021-30154
VCID-8sqw-6aae-13f5 Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition. CVE-2021-30157
VCID-ad34-frk5-kqds Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition. CVE-2021-30158
VCID-brg4-rv29-1fgz In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service. CVE-2021-27291
GHSA-pq64-v7f5-gqh8
PYSEC-2021-141
VCID-fnzm-dxb3-v7hr An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists. (It shouldn't because they are hidden.) This is related to ApiVisualEditor. CVE-2021-30153
VCID-k1f5-msra-4kam Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition. CVE-2021-30155
VCID-rwtk-hep1-xfaw Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition. CVE-2021-30152

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T09:57:53.895243+00:00 Debian Importer Fixing VCID-6ads-gs3n-dubh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:46:05.625898+00:00 Debian Importer Fixing VCID-1na8-nyq1-yfcy https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:17:01.285037+00:00 Debian Importer Fixing VCID-k1f5-msra-4kam https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:03:38.572053+00:00 Debian Importer Fixing VCID-fnzm-dxb3-v7hr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:55:11.060880+00:00 Debian Importer Fixing VCID-8sqw-6aae-13f5 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:50:49.675701+00:00 Debian Importer Fixing VCID-ad34-frk5-kqds https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:47:39.064921+00:00 Debian Importer Fixing VCID-brg4-rv29-1fgz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:45:26.978677+00:00 Debian Importer Fixing VCID-7m3q-wuh7-k7fn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:40:15.666710+00:00 Debian Importer Fixing VCID-32f4-khen-3yez https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:38:50.696644+00:00 Debian Importer Fixing VCID-rwtk-hep1-xfaw https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-12T18:14:29.031200+00:00 Debian Importer Fixing VCID-6ads-gs3n-dubh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T18:14:28.769109+00:00 Debian Importer Fixing VCID-k1f5-msra-4kam https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T18:14:28.564888+00:00 Debian Importer Fixing VCID-1na8-nyq1-yfcy https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:04:24.394969+00:00 Debian Importer Fixing VCID-fnzm-dxb3-v7hr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:59:10.602796+00:00 Debian Importer Fixing VCID-8sqw-6aae-13f5 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:56:35.259853+00:00 Debian Importer Fixing VCID-ad34-frk5-kqds https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:54:30.794605+00:00 Debian Importer Fixing VCID-brg4-rv29-1fgz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:53:00.557480+00:00 Debian Importer Fixing VCID-7m3q-wuh7-k7fn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:49:42.201518+00:00 Debian Importer Fixing VCID-32f4-khen-3yez https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:48:51.594657+00:00 Debian Importer Fixing VCID-rwtk-hep1-xfaw https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:45:49.629389+00:00 Debian Importer Fixing VCID-6ads-gs3n-dubh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.580032+00:00 Debian Importer Fixing VCID-32f4-khen-3yez https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.530360+00:00 Debian Importer Fixing VCID-ad34-frk5-kqds https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.481046+00:00 Debian Importer Fixing VCID-8sqw-6aae-13f5 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.381513+00:00 Debian Importer Fixing VCID-k1f5-msra-4kam https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.330355+00:00 Debian Importer Fixing VCID-7m3q-wuh7-k7fn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.280064+00:00 Debian Importer Fixing VCID-fnzm-dxb3-v7hr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.230024+00:00 Debian Importer Fixing VCID-rwtk-hep1-xfaw https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.180642+00:00 Debian Importer Fixing VCID-brg4-rv29-1fgz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:49.131914+00:00 Debian Importer Fixing VCID-1na8-nyq1-yfcy https://security-tracker.debian.org/tracker/data/json 38.1.0