VulnerableCode Package Details - pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2wcb-hty6-uyez	Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.	CVE-2025-32072
VCID-95d1-mkm6-r3cq	Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0.	CVE-2025-6591
VCID-a8nh-mvhd-bka7	MediaWiki: MediaWiki: Vulnerability in authentication management	CVE-2025-6597
VCID-b5ke-cjtq-q3ev	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0.	CVE-2025-6595
VCID-h3d2-nr9e-nqbk	Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.	CVE-2025-6926
VCID-h789-pcxv-kbgd	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php. This issue affects MediaWiki: from * through 1.39.12, 1.42.76 1.43.1, 1.44.0.	CVE-2025-6590
VCID-k7qb-7hbj-1qc2	MediaWiki: MediaWiki: Cross-site Scripting vulnerability via improper input neutralization	CVE-2025-6594
VCID-xtd9-wbd9-67ew	Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0.	CVE-2025-6593

Vulnerability

Summary

Aliases

VCID-2wcb-hty6-uyez

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.

CVE-2025-32072

VCID-95d1-mkm6-r3cq

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0.

CVE-2025-6591

VCID-a8nh-mvhd-bka7

MediaWiki: MediaWiki: Vulnerability in authentication management

CVE-2025-6597

VCID-b5ke-cjtq-q3ev

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0.

CVE-2025-6595

VCID-h3d2-nr9e-nqbk

Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

CVE-2025-6926

VCID-h789-pcxv-kbgd

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php. This issue affects MediaWiki: from * through 1.39.12, 1.42.76 1.43.1, 1.44.0.

CVE-2025-6590

VCID-k7qb-7hbj-1qc2

MediaWiki: MediaWiki: Cross-site Scripting vulnerability via improper input neutralization

CVE-2025-6594

VCID-xtd9-wbd9-67ew

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0.

CVE-2025-6593

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:04:53.379571+00:00	Debian Importer	Fixing	VCID-h789-pcxv-kbgd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:37:20.309616+00:00	Debian Importer	Fixing	VCID-h3d2-nr9e-nqbk	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:13:07.101673+00:00	Debian Importer	Fixing	VCID-k7qb-7hbj-1qc2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:04:44.675393+00:00	Debian Importer	Fixing	VCID-b5ke-cjtq-q3ev	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:59:21.969086+00:00	Debian Importer	Fixing	VCID-2wcb-hty6-uyez	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:58:26.989863+00:00	Debian Importer	Fixing	VCID-xtd9-wbd9-67ew	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:50:21.252190+00:00	Debian Importer	Fixing	VCID-a8nh-mvhd-bka7	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:42:26.274304+00:00	Debian Importer	Fixing	VCID-95d1-mkm6-r3cq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T18:14:33.969009+00:00	Debian Importer	Fixing	VCID-h3d2-nr9e-nqbk	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:32.958235+00:00	Debian Importer	Fixing	VCID-h789-pcxv-kbgd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:16:36.903784+00:00	Debian Importer	Fixing	VCID-2wcb-hty6-uyez	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:10:02.609432+00:00	Debian Importer	Fixing	VCID-k7qb-7hbj-1qc2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:05:04.160005+00:00	Debian Importer	Fixing	VCID-b5ke-cjtq-q3ev	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:01:09.745349+00:00	Debian Importer	Fixing	VCID-xtd9-wbd9-67ew	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:56:18.338753+00:00	Debian Importer	Fixing	VCID-a8nh-mvhd-bka7	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:51:05.559176+00:00	Debian Importer	Fixing	VCID-95d1-mkm6-r3cq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:45:54.721113+00:00	Debian Importer	Fixing	VCID-h3d2-nr9e-nqbk	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:54.109679+00:00	Debian Importer	Fixing	VCID-a8nh-mvhd-bka7	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.986876+00:00	Debian Importer	Fixing	VCID-b5ke-cjtq-q3ev	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.923598+00:00	Debian Importer	Fixing	VCID-k7qb-7hbj-1qc2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.860727+00:00	Debian Importer	Fixing	VCID-xtd9-wbd9-67ew	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.741425+00:00	Debian Importer	Fixing	VCID-95d1-mkm6-r3cq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.678385+00:00	Debian Importer	Fixing	VCID-h789-pcxv-kbgd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.150948+00:00	Debian Importer	Fixing	VCID-2wcb-hty6-uyez	https://security-tracker.debian.org/tracker/data/json	38.1.0