Search for packages
| purl | pkg:rpm/redhat/mediawiki123@1.23.17-1?arch=el7 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-sf61-byhw-17gv
Aliases: CVE-2018-0503 GHSA-mhfv-9h99-jwg7 |
Mediawiki Improper Privilege Management Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'. | There are no reported fixed by versions. |
|
VCID-v27j-4pnt-n7h9
Aliases: CVE-2018-0505 GHSA-5c6w-f4w2-2grp |
Mediawiki BotPassword can bypass CentralAuth's account lock Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock | There are no reported fixed by versions. |
|
VCID-w3f8-nrqd-p7gq
Aliases: CVE-2018-0504 GHSA-hr8v-f4g2-p66f |
Mediawiki information disclosure vulnerability Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:22:17.037280+00:00 | RedHat Importer | Affected by | VCID-w3f8-nrqd-p7gq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0504.json | 38.0.0 |
| 2026-04-01T14:22:16.996960+00:00 | RedHat Importer | Affected by | VCID-v27j-4pnt-n7h9 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0505.json | 38.0.0 |
| 2026-04-01T14:22:16.954317+00:00 | RedHat Importer | Affected by | VCID-sf61-byhw-17gv | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0503.json | 38.0.0 |