VulnerableCode Package Details - pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie

Essentials
History (60)

purl	pkg:deb/debian/mediawiki@1:1.43.5%2Bdfsg-1?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (20)

Vulnerability	Summary	Aliases
VCID-27j6-j549-6fak	MediaWiki: MediaWiki: Cross-site Scripting via improper input neutralization	CVE-2025-61637
VCID-4yhr-jjt9-afaq	Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61641
VCID-7kax-fqa1-kfbu	Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.	CVE-2025-61652
VCID-7wh4-say2-pqap	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61656
VCID-8uw8-ja3w-r3da	MediaWiki: MediaWiki: Cross-site Scripting (XSS) vulnerability	CVE-2025-11261
VCID-a11n-r5nu-pben	Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php. This issue affects Thanks: from * before 1.43.4, 1.44.1.	CVE-2025-61654
VCID-b2ha-594t-9qgw	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js. This issue affects Vector: from * before 1.43.4, 1.44.1.	CVE-2025-61657
VCID-den1-257q-euc9	Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue affects TextExtracts: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61653
VCID-e8np-4nbw-t3b3	Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-11173
VCID-fptt-2t1j-8fec	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61639
VCID-gad5-ezcv-37a2	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61636
VCID-hjjw-pz2f-rqg2	MediaWiki: MediaWiki: Cross-site Scripting (XSS) vulnerability via improper input neutralization	CVE-2025-61642
VCID-m1xy-yucr-dqfs	Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit: *.	CVE-2025-61635
VCID-mbs4-gs37-1fh5	Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61646
VCID-pm3s-z5ap-qqay	MediaWiki: MediaWiki: Arbitrary code execution via Cross-site Scripting (XSS)	CVE-2025-61640
VCID-r5gb-8nuq-2yca	Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61634
VCID-sr9a-a6vt-1qgt	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Parsoid: from * before 0.16.6, 0.20.4, 0.21.1.	CVE-2025-61638
VCID-vaaj-f4v8-qbhj	Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extension: 1.44, 1.43.	CVE-2025-11175
VCID-vjd5-jv5h-yfhw	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js. This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61655
VCID-ztxx-cc2c-87at	Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.	CVE-2025-61643

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:19:08.690736+00:00	Debian Importer	Fixing	VCID-ztxx-cc2c-87at	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:12:37.263784+00:00	Debian Importer	Fixing	VCID-e8np-4nbw-t3b3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:52:04.194112+00:00	Debian Importer	Fixing	VCID-pm3s-z5ap-qqay	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:44:27.088521+00:00	Debian Importer	Fixing	VCID-b2ha-594t-9qgw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:41:38.398703+00:00	Debian Importer	Fixing	VCID-m1xy-yucr-dqfs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:24:17.543996+00:00	Debian Importer	Fixing	VCID-mbs4-gs37-1fh5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:03:53.077047+00:00	Debian Importer	Fixing	VCID-gad5-ezcv-37a2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:55:12.536523+00:00	Debian Importer	Fixing	VCID-8uw8-ja3w-r3da	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:53:22.974419+00:00	Debian Importer	Fixing	VCID-hjjw-pz2f-rqg2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:40:47.022880+00:00	Debian Importer	Fixing	VCID-fptt-2t1j-8fec	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:23:42.425579+00:00	Debian Importer	Fixing	VCID-a11n-r5nu-pben	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:16:10.661647+00:00	Debian Importer	Fixing	VCID-7wh4-say2-pqap	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:09:30.838791+00:00	Debian Importer	Fixing	VCID-sr9a-a6vt-1qgt	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:54:54.402653+00:00	Debian Importer	Fixing	VCID-4yhr-jjt9-afaq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:52:29.787284+00:00	Debian Importer	Fixing	VCID-vaaj-f4v8-qbhj	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:51:06.120668+00:00	Debian Importer	Fixing	VCID-den1-257q-euc9	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:43:09.746732+00:00	Debian Importer	Fixing	VCID-27j6-j549-6fak	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:41:37.068741+00:00	Debian Importer	Fixing	VCID-7kax-fqa1-kfbu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:40:42.009107+00:00	Debian Importer	Fixing	VCID-vjd5-jv5h-yfhw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:38:43.507985+00:00	Debian Importer	Fixing	VCID-r5gb-8nuq-2yca	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T18:14:32.870044+00:00	Debian Importer	Fixing	VCID-b2ha-594t-9qgw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:32.658469+00:00	Debian Importer	Fixing	VCID-den1-257q-euc9	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:32.547512+00:00	Debian Importer	Fixing	VCID-mbs4-gs37-1fh5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:32.401502+00:00	Debian Importer	Fixing	VCID-ztxx-cc2c-87at	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:32.350528+00:00	Debian Importer	Fixing	VCID-hjjw-pz2f-rqg2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:32.244689+00:00	Debian Importer	Fixing	VCID-pm3s-z5ap-qqay	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:32.037140+00:00	Debian Importer	Fixing	VCID-gad5-ezcv-37a2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:31.978283+00:00	Debian Importer	Fixing	VCID-m1xy-yucr-dqfs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:31.452779+00:00	Debian Importer	Fixing	VCID-8uw8-ja3w-r3da	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T18:14:31.333669+00:00	Debian Importer	Fixing	VCID-e8np-4nbw-t3b3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:26:21.806775+00:00	Debian Importer	Fixing	VCID-fptt-2t1j-8fec	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:16:19.592594+00:00	Debian Importer	Fixing	VCID-a11n-r5nu-pben	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:11:45.285480+00:00	Debian Importer	Fixing	VCID-7wh4-say2-pqap	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:07:54.139188+00:00	Debian Importer	Fixing	VCID-sr9a-a6vt-1qgt	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:07:39.415810+00:00	Debian Importer	Fixing	VCID-27j6-j549-6fak	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:58:56.698739+00:00	Debian Importer	Fixing	VCID-4yhr-jjt9-afaq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:57:28.974503+00:00	Debian Importer	Fixing	VCID-vaaj-f4v8-qbhj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:50:33.545547+00:00	Debian Importer	Fixing	VCID-7kax-fqa1-kfbu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:50:00.546192+00:00	Debian Importer	Fixing	VCID-vjd5-jv5h-yfhw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:48:46.633060+00:00	Debian Importer	Fixing	VCID-r5gb-8nuq-2yca	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:45:53.586485+00:00	Debian Importer	Fixing	VCID-b2ha-594t-9qgw	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.528999+00:00	Debian Importer	Fixing	VCID-7wh4-say2-pqap	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.473471+00:00	Debian Importer	Fixing	VCID-vjd5-jv5h-yfhw	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.417173+00:00	Debian Importer	Fixing	VCID-a11n-r5nu-pben	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.361575+00:00	Debian Importer	Fixing	VCID-den1-257q-euc9	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.305866+00:00	Debian Importer	Fixing	VCID-7kax-fqa1-kfbu	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.250495+00:00	Debian Importer	Fixing	VCID-mbs4-gs37-1fh5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.097291+00:00	Debian Importer	Fixing	VCID-ztxx-cc2c-87at	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:53.041931+00:00	Debian Importer	Fixing	VCID-hjjw-pz2f-rqg2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.986491+00:00	Debian Importer	Fixing	VCID-4yhr-jjt9-afaq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.931388+00:00	Debian Importer	Fixing	VCID-pm3s-z5ap-qqay	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.875607+00:00	Debian Importer	Fixing	VCID-fptt-2t1j-8fec	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.821016+00:00	Debian Importer	Fixing	VCID-sr9a-a6vt-1qgt	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.766478+00:00	Debian Importer	Fixing	VCID-27j6-j549-6fak	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.710668+00:00	Debian Importer	Fixing	VCID-gad5-ezcv-37a2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.655399+00:00	Debian Importer	Fixing	VCID-m1xy-yucr-dqfs	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.600718+00:00	Debian Importer	Fixing	VCID-r5gb-8nuq-2yca	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.114459+00:00	Debian Importer	Fixing	VCID-8uw8-ja3w-r3da	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.059117+00:00	Debian Importer	Fixing	VCID-vaaj-f4v8-qbhj	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:45:52.003728+00:00	Debian Importer	Fixing	VCID-e8np-4nbw-t3b3	https://security-tracker.debian.org/tracker/data/json	38.1.0