{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","type":"deb","namespace":"debian","name":"mediawiki","version":"1:1.35.13-1+deb11u2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:1.39.17-1+deb12u2","latest_non_vulnerable_version":"1:1.43.8+dfsg-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96640?format=json","vulnerability_id":"VCID-2wcb-hty6-uyez","summary":"Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32072","reference_id":"","reference_type":"","scores":[{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63766","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67797","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67788","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67807","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67818","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67822","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67715","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67781","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67805","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67791","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67757","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.67793","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32072"},{"reference_url":"https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1120134","reference_id":"1120134","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-11T16:39:44Z/"}],"url":"https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1120134"},{"reference_url":"https://phabricator.wikimedia.org/T386175","reference_id":"T386175","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-11T16:39:44Z/"}],"url":"https://phabricator.wikimedia.org/T386175"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-32072"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2wcb-hty6-uyez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96907?format=json","vulnerability_id":"VCID-3zue-5ccg-23hs","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php.  This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67480","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20382","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2052","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20524","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20647","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20645","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20636","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20489","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33338","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33202","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33244","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33279","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33283","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.365","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36524","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480"},{"reference_url":"https://phabricator.wikimedia.org/T401053","reference_id":"T401053","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:01:49Z/"}],"url":"https://phabricator.wikimedia.org/T401053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-67480"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zue-5ccg-23hs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96834?format=json","vulnerability_id":"VCID-4yhr-jjt9-afaq","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61641","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00371","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00385","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00372","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00374","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00567","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00556","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00558","published_at":"2026-04-26T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00525","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00523","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00524","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00521","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00526","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0056","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61641"},{"reference_url":"https://phabricator.wikimedia.org/T298690","reference_id":"T298690","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:09:22Z/"}],"url":"https://phabricator.wikimedia.org/T298690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61641"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"1.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yhr-jjt9-afaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77881?format=json","vulnerability_id":"VCID-5myd-ngfx-5qhb","summary":"mediawiki: group-.*-member messages are not properly escaped on Special:log/rights","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51704.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51704","reference_id":"","reference_type":"","scores":[{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60579","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60548","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60597","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60637","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60622","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60601","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60643","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60648","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60636","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.6062","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60632","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255582","reference_id":"2255582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255582"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2023-51704"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5myd-ngfx-5qhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96646?format=json","vulnerability_id":"VCID-74ej-8sna-jyek","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php.  This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32698","reference_id":"","reference_type":"","scores":[{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68838","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68853","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68859","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68739","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68717","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68768","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68788","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.6881","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68796","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68767","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68809","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68819","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68798","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68846","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32698"},{"reference_url":"https://phabricator.wikimedia.org/T385958","reference_id":"T385958","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:51:46Z/"}],"url":"https://phabricator.wikimedia.org/T385958"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-32698"],"risk_score":0.7,"exploitability":"0.5","weighted_severity":"1.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-74ej-8sna-jyek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96645?format=json","vulnerability_id":"VCID-7831-8u7z-6fep","summary":"Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php.  This issue affects MediaWiki: before 1.42.6, 1.43.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32697","reference_id":"","reference_type":"","scores":[{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49172","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54208","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54212","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54193","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.5416","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54173","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.5415","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54135","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.5411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54161","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54159","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54209","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54191","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.5417","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32697"},{"reference_url":"https://phabricator.wikimedia.org/T140010","reference_id":"T140010","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:05:19Z/"}],"url":"https://phabricator.wikimedia.org/T140010"},{"reference_url":"https://phabricator.wikimedia.org/T24521","reference_id":"T24521","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:05:19Z/"}],"url":"https://phabricator.wikimedia.org/T24521"},{"reference_url":"https://phabricator.wikimedia.org/T62109","reference_id":"T62109","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:05:19Z/"}],"url":"https://phabricator.wikimedia.org/T62109"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1068111?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026192?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1"}],"aliases":["CVE-2025-32697"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7831-8u7z-6fep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96839?format=json","vulnerability_id":"VCID-7wh4-say2-pqap","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js.  This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61656","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05235","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0625","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06021","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06029","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06193","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06225","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06232","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06064","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1447","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14413","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14403","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61656"},{"reference_url":"https://phabricator.wikimedia.org/T397232","reference_id":"T397232","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:00:27Z/"}],"url":"https://phabricator.wikimedia.org/T397232"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61656"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wh4-say2-pqap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64772?format=json","vulnerability_id":"VCID-8uw8-ja3w-r3da","summary":"MediaWiki: MediaWiki: Cross-site Scripting (XSS) vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11261.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11261.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11261","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00267","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00263","published_at":"2026-04-07T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00347","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0035","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00348","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11261"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11261"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436168","reference_id":"2436168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436168"},{"reference_url":"https://phabricator.wikimedia.org/T402077","reference_id":"T402077","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:05Z/"}],"url":"https://phabricator.wikimedia.org/T402077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-11261"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8uw8-ja3w-r3da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96891?format=json","vulnerability_id":"VCID-95d1-mkm6-r3cq","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php.  This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6591","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01862","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01899","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01856","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01852","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02299","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02062","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02268","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02275","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02371","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02286","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02068","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02066","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6591"},{"reference_url":"https://phabricator.wikimedia.org/T392276","reference_id":"T392276","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T15:32:29Z/"}],"url":"https://phabricator.wikimedia.org/T392276"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-6591"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95d1-mkm6-r3cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64779?format=json","vulnerability_id":"VCID-a8nh-mvhd-bka7","summary":"MediaWiki: MediaWiki: Vulnerability in authentication management","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6597.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6597","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05716","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05743","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05684","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05676","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06164","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06134","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06142","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05974","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05965","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05921","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05932","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06083","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06105","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6597"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436116","reference_id":"2436116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436116"},{"reference_url":"https://phabricator.wikimedia.org/T389009","reference_id":"T389009","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:12:25Z/"}],"url":"https://phabricator.wikimedia.org/T389009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-6597"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a8nh-mvhd-bka7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96893?format=json","vulnerability_id":"VCID-b5ke-cjtq-q3ev","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6595","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00447","published_at":"2026-04-29T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00449","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00317","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00316","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00307","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00305","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00428","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00423","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00422","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00418","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6595"},{"reference_url":"https://phabricator.wikimedia.org/T394863","reference_id":"T394863","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T19:53:03Z/"}],"url":"https://phabricator.wikimedia.org/T394863"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-6595"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5ke-cjtq-q3ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/349652?format=json","vulnerability_id":"VCID-cbtm-g4t5-u3am","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34093"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068111?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1068115?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026193?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1059947?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2"}],"aliases":["CVE-2026-34093"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtm-g4t5-u3am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/349650?format=json","vulnerability_id":"VCID-d5vz-puw9-t7er","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34088"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068111?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1068115?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026193?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1059947?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2"}],"aliases":["CVE-2026-34088"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d5vz-puw9-t7er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96837?format=json","vulnerability_id":"VCID-den1-257q-euc9","summary":"Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php.  This issue affects TextExtracts: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61653","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24981","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25053","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25092","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24867","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25319","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25435","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25636","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25579","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25581","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25566","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25538","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.2549","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61653"},{"reference_url":"https://phabricator.wikimedia.org/T397577","reference_id":"T397577","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T20:59:18Z/"}],"url":"https://phabricator.wikimedia.org/T397577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61653"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-den1-257q-euc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96449?format=json","vulnerability_id":"VCID-e8np-4nbw-t3b3","summary":"Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php.  This issue affects OATHAuth: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11173","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0407","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03956","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03948","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04085","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11173"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11173"},{"reference_url":"https://phabricator.wikimedia.org/T401862","reference_id":"T401862","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:50Z/"}],"url":"https://phabricator.wikimedia.org/T401862"},{"reference_url":"https://phabricator.wikimedia.org/T402094","reference_id":"T402094","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:07:50Z/"}],"url":"https://phabricator.wikimedia.org/T402094"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-11173"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8np-4nbw-t3b3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96833?format=json","vulnerability_id":"VCID-fptt-2t1j-8fec","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61639","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00487","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00496","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00485","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00491","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00489","published_at":"2026-04-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00727","published_at":"2026-05-05T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00718","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00719","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00685","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00678","published_at":"2026-04-13T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00671","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00677","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00716","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61639"},{"reference_url":"https://phabricator.wikimedia.org/T280413","reference_id":"T280413","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:10:07Z/"}],"url":"https://phabricator.wikimedia.org/T280413"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61639"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"1.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fptt-2t1j-8fec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96917?format=json","vulnerability_id":"VCID-h3d2-nr9e-nqbk","summary":"Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6926","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24513","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24296","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24363","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24407","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24424","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24382","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24326","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24343","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24332","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25501","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25454","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25446","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5057","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50647","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6926"},{"reference_url":"https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117","reference_id":"1165117","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-03T17:40:14Z/"}],"url":"https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117"},{"reference_url":"https://phabricator.wikimedia.org/T389010","reference_id":"T389010","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-03T17:40:14Z/"}],"url":"https://phabricator.wikimedia.org/T389010"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-6926"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h3d2-nr9e-nqbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96890?format=json","vulnerability_id":"VCID-h789-pcxv-kbgd","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php.  This issue affects MediaWiki: from * through 1.39.12, 1.42.76 1.43.1, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6590","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01847","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01527","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01531","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01534","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01538","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01541","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01727","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01717","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01716","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01705","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01706","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01796","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01808","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01802","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6590"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6590","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6590"},{"reference_url":"https://phabricator.wikimedia.org/T392746","reference_id":"T392746","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:11:34Z/"}],"url":"https://phabricator.wikimedia.org/T392746"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-6590"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h789-pcxv-kbgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64778?format=json","vulnerability_id":"VCID-k7qb-7hbj-1qc2","summary":"MediaWiki: MediaWiki: Cross-site Scripting vulnerability via improper input neutralization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6594.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6594.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6594","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00317","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00447","published_at":"2026-04-29T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00449","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00316","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00307","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00305","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00428","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00423","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00422","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00418","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6594"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436122","reference_id":"2436122","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436122"},{"reference_url":"https://phabricator.wikimedia.org/T395063","reference_id":"T395063","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T19:57:15Z/"}],"url":"https://phabricator.wikimedia.org/T395063"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-6594"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k7qb-7hbj-1qc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/349653?format=json","vulnerability_id":"VCID-kw32-af5a-hqg8","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068111?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1068115?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026193?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1059947?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2"}],"aliases":["CVE-2026-34095"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kw32-af5a-hqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96831?format=json","vulnerability_id":"VCID-m1xy-yucr-dqfs","summary":"Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php.  This issue affects ConfirmEdit: *.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61635","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04001","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03956","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03948","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0407","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04085","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61635"},{"reference_url":"https://phabricator.wikimedia.org/T355073","reference_id":"T355073","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:M/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:13:27Z/"}],"url":"https://phabricator.wikimedia.org/T355073"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61635"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1xy-yucr-dqfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96908?format=json","vulnerability_id":"VCID-m7uw-sa5j-u3bw","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js.  This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67481","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01965","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01941","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01915","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01999","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01985","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01984","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02013","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05765","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0573","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05726","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05791","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05689","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481"},{"reference_url":"https://phabricator.wikimedia.org/T251032","reference_id":"T251032","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:13Z/"}],"url":"https://phabricator.wikimedia.org/T251032"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-67481"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7uw-sa5j-u3bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96836?format=json","vulnerability_id":"VCID-mbs4-gs37-1fh5","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61646","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00382","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00396","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00383","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00385","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00593","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00584","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00586","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00547","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00548","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00545","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0055","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00587","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61646"},{"reference_url":"https://phabricator.wikimedia.org/T398706","reference_id":"T398706","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:04:40Z/"}],"url":"https://phabricator.wikimedia.org/T398706"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61646"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mbs4-gs37-1fh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64776?format=json","vulnerability_id":"VCID-pm3s-z5ap-qqay","summary":"MediaWiki: MediaWiki: Arbitrary code execution via Cross-site Scripting (XSS)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61640.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61640.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61640","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00267","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00263","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00353","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0035","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00348","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00347","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61640"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436106","reference_id":"2436106","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436106"},{"reference_url":"https://phabricator.wikimedia.org/T402075","reference_id":"T402075","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:09:45Z/"}],"url":"https://phabricator.wikimedia.org/T402075"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61640"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pm3s-z5ap-qqay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96647?format=json","vulnerability_id":"VCID-pwjk-pzpj-aff6","summary":"Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32699","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55778","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6026","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60317","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60304","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60272","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60241","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60312","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60293","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60333","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60341","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6033","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60301","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32699"},{"reference_url":"https://phabricator.wikimedia.org/T387130","reference_id":"T387130","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/RE:M/U:Amber"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:51:20Z/"}],"url":"https://phabricator.wikimedia.org/T387130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-32699"],"risk_score":0.7,"exploitability":"0.5","weighted_severity":"1.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwjk-pzpj-aff6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96909?format=json","vulnerability_id":"VCID-qpgu-mg6m-vyef","summary":"Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C.  This issue affects Scribunto: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1; luasandbox: from * before fea2304f8f6ab30314369a612f4f5b165e68e95a.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67482","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05245","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05303","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05337","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05756","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05748","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05554","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0567","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05706","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482"},{"reference_url":"https://phabricator.wikimedia.org/T408135","reference_id":"T408135","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:14Z/"}],"url":"https://phabricator.wikimedia.org/T408135"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-67482"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"1.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpgu-mg6m-vyef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96832?format=json","vulnerability_id":"VCID-sr9a-a6vt-1qgt","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Parsoid: from * before 0.16.6, 0.20.4, 0.21.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61638","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00312","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00323","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00311","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00321","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00464","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00462","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00461","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00437","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00432","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00431","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00428","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00433","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00463","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61638"},{"reference_url":"https://phabricator.wikimedia.org/T401099","reference_id":"T401099","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:10:22Z/"}],"url":"https://phabricator.wikimedia.org/T401099"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61638"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sr9a-a6vt-1qgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96906?format=json","vulnerability_id":"VCID-tutk-y8jg-n7dh","summary":"Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php.  This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67478","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05618","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0561","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05574","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05372","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05376","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0554","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05546","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05545","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05607","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05579","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05811","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05818","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478"},{"reference_url":"https://phabricator.wikimedia.org/T385403","reference_id":"T385403","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:08Z/"}],"url":"https://phabricator.wikimedia.org/T385403"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-67478"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tutk-y8jg-n7dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64768?format=json","vulnerability_id":"VCID-v3dp-7stt-tygf","summary":"MediaWiki: MediaWiki: Cross-site Scripting vulnerability due to improper input neutralization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67475","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01642","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02425","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02432","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02532","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02519","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02507","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02572","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06247","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06223","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06203","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06288","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06192","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436176","reference_id":"2436176","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436176"},{"reference_url":"https://phabricator.wikimedia.org/T406664","reference_id":"T406664","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:07Z/"}],"url":"https://phabricator.wikimedia.org/T406664"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-67475"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3dp-7stt-tygf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96838?format=json","vulnerability_id":"VCID-vjd5-jv5h-yfhw","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js.  This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61655","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04535","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05749","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05492","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05502","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05664","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.057","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05736","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05742","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05549","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13002","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13121","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13067","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61655"},{"reference_url":"https://phabricator.wikimedia.org/T395858","reference_id":"T395858","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:00:47Z/"}],"url":"https://phabricator.wikimedia.org/T395858"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61655"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjd5-jv5h-yfhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96644?format=json","vulnerability_id":"VCID-w51y-hprj-buap","summary":"Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php.  This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32696","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50697","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55615","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55693","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55669","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55726","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55704","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55755","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55759","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55767","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55748","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.5573","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55771","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55749","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55676","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32696"},{"reference_url":"https://phabricator.wikimedia.org/T304474","reference_id":"T304474","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:06:02Z/"}],"url":"https://phabricator.wikimedia.org/T304474"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-32696"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w51y-hprj-buap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/349648?format=json","vulnerability_id":"VCID-wktm-ya6k-v7dv","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34086"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1068111?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026192?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068115?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026193?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1059947?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2"}],"aliases":["CVE-2026-34086"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wktm-ya6k-v7dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64771?format=json","vulnerability_id":"VCID-wraf-59ce-u3br","summary":"MediaWiki: MediaWiki: Vulnerability in parsing and sanitization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67479","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05245","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05303","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05337","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05756","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05748","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05554","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0567","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05706","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436184","reference_id":"2436184","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436184"},{"reference_url":"https://phabricator.wikimedia.org/T407131","reference_id":"T407131","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:19Z/"}],"url":"https://phabricator.wikimedia.org/T407131"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-67479"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wraf-59ce-u3br"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/349649?format=json","vulnerability_id":"VCID-x8t7-agtn-zudu","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34087"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068111?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1068115?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026193?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1059947?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2"}],"aliases":["CVE-2026-34087"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x8t7-agtn-zudu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96892?format=json","vulnerability_id":"VCID-xtd9-wbd9-67ew","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php.  This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6593","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04001","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03956","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03948","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0407","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04085","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6593"},{"reference_url":"https://phabricator.wikimedia.org/T396230","reference_id":"T396230","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T14:42:43Z/"}],"url":"https://phabricator.wikimedia.org/T396230"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-6593"],"risk_score":0.7,"exploitability":"0.5","weighted_severity":"1.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtd9-wbd9-67ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96662?format=json","vulnerability_id":"VCID-z3qw-4ejj-uffj","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php.  This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3469","reference_id":"","reference_type":"","scores":[{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.62921","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66937","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66967","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66964","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6689","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66863","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66911","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66925","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66945","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66931","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66899","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66932","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66947","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6693","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66953","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3469"},{"reference_url":"https://phabricator.wikimedia.org/T358689","reference_id":"T358689","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:06:28Z/"}],"url":"https://phabricator.wikimedia.org/T358689"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-3469"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3qw-4ejj-uffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64767?format=json","vulnerability_id":"VCID-z8qp-v64u-tuh8","summary":"MediaWiki: MediaWiki: Vulnerability in ApiFormatXml.Php requiring high privileges","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67484","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09405","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09366","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09368","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09518","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09571","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09536","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09493","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10019","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09981","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09879","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09954","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10004","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09933","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12043","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436190","reference_id":"2436190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436190"},{"reference_url":"https://phabricator.wikimedia.org/T401995","reference_id":"T401995","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:02:03Z/"}],"url":"https://phabricator.wikimedia.org/T401995"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-67484"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8qp-v64u-tuh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/349651?format=json","vulnerability_id":"VCID-zmax-894d-5kfd","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34092"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068111?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1068115?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026193?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1059947?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2"}],"aliases":["CVE-2026-34092"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zmax-894d-5kfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96835?format=json","vulnerability_id":"VCID-ztxx-cc2c-87at","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php.  This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61643","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00612","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00619","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00606","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00611","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00614","published_at":"2026-04-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00818","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00821","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00822","published_at":"2026-04-26T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00777","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0077","published_at":"2026-04-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00772","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00776","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0082","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61643"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61643"},{"reference_url":"https://phabricator.wikimedia.org/T403757","reference_id":"T403757","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/RE:M/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:15:36Z/"}],"url":"https://phabricator.wikimedia.org/T403757"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026191?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1"}],"aliases":["CVE-2025-61643"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztxx-cc2c-87at"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6299?format=json","vulnerability_id":"VCID-1na8-nyq1-yfcy","summary":"An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20270.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20270.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20270","reference_id":"","reference_type":"","scores":[{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42583","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42655","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42672","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42685","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42673","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42682","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42654","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44828","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.4477","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44961","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44911","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44968","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.4482","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44662","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20270"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922136","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-9w8r-397f-prfh","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9w8r-397f-prfh"},{"reference_url":"https://github.com/pygments/pygments","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pygments/pygments"},{"reference_url":"https://github.com/pygments/pygments/commit/f91804ff4772e3ab41f46e28d370f57898700333","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pygments/pygments/commit/f91804ff4772e3ab41f46e28d370f57898700333"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-140.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-140.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20270","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20270"},{"reference_url":"https://www.debian.org/security/2021/dsa-4889","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4889"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984664","reference_id":"984664","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984664"},{"reference_url":"https://security.archlinux.org/AVG-1662","reference_id":"AVG-1662","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1662"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0781","reference_id":"RHSA-2021:0781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3252","reference_id":"RHSA-2021:3252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4139","reference_id":"RHSA-2021:4139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4150","reference_id":"RHSA-2021:4150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4151","reference_id":"RHSA-2021:4151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4151"},{"reference_url":"https://usn.ubuntu.com/4885-1/","reference_id":"USN-4885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4885-1/"},{"reference_url":"https://usn.ubuntu.com/4897-2/","reference_id":"USN-4897-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4897-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-20270","GHSA-9w8r-397f-prfh","PYSEC-2021-140"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1na8-nyq1-yfcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78031?format=json","vulnerability_id":"VCID-2xja-2whv-fqe4","summary":"mediawiki: diff-multi-sameuser (\"X intermediate revisions by the same user not shown\") ignores username suppression","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45362.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45362.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45362","reference_id":"","reference_type":"","scores":[{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60186","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60211","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.6018","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.6023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60244","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60265","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60234","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60273","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60281","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60239","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60255","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60243","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.602","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247805","reference_id":"2247805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247805"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2023-45362"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2xja-2whv-fqe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51028?format=json","vulnerability_id":"VCID-32f4-khen-3yez","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30159.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30159.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30159","reference_id":"","reference_type":"","scores":[{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75081","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75083","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75112","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75089","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75123","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75135","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75157","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75124","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75339","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75289","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75296","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75287","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75322","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75326","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75329","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948638","reference_id":"1948638","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948638"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30159"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32f4-khen-3yez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58484?format=json","vulnerability_id":"VCID-424y-cjxg-c7az","summary":"MediaWiki Cross-site Scripting (XSS) vulnerability\nAn issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25815.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25815","reference_id":"","reference_type":"","scores":[{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59785","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59703","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59777","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59801","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.5977","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59822","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59835","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59839","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59859","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59866","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.5985","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.5982","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59838","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59823","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25815"},{"reference_url":"https://gerrit.wikimedia.org/g/mediawiki/core/+/ec76e14be658187544f07c1a249a047e1a75eaf8/includes/logging/LogEventsList.php#214","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gerrit.wikimedia.org/g/mediawiki/core/+/ec76e14be658187544f07c1a249a047e1a75eaf8/includes/logging/LogEventsList.php#214"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25815.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25815.yaml"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25815","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25815"},{"reference_url":"https://phabricator.wikimedia.org/T256171","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T256171"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903759","reference_id":"1903759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903759"},{"reference_url":"https://github.com/advisories/GHSA-2f58-vf6g-6p8x","reference_id":"GHSA-2f58-vf6g-6p8x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2f58-vf6g-6p8x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-25815","GHSA-2f58-vf6g-6p8x"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-424y-cjxg-c7az"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51030?format=json","vulnerability_id":"VCID-4dfp-3qk9-j7fg","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35197.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35197.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35197","reference_id":"","reference_type":"","scores":[{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72618","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72626","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72644","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72621","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.7266","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72673","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72696","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72679","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72711","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72723","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72714","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72756","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72765","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72761","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0073","scoring_system":"epss","scoring_elements":"0.72754","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1980308","reference_id":"1980308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1980308"},{"reference_url":"https://security.archlinux.org/ASA-202107-7","reference_id":"ASA-202107-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-7"},{"reference_url":"https://security.archlinux.org/AVG-2093","reference_id":"AVG-2093","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2093"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-35197"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dfp-3qk9-j7fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55256?format=json","vulnerability_id":"VCID-674z-nf4t-b7ez","summary":"Cross-domain cookie leakage in Guzzle\n### Impact\n\nPrevious version of Guzzle contain a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the `Set-Cookie` header, allowing a malicious server to set cookies for unrelated domains. For example an attacker at `www.example.com` might set a session cookie for `api.example.net`, logging the Guzzle client into their account and retrieving private API requests from the security log of their account.\n\nNote that our cookie middleware is disabled by default, so most library consumers will not be affected by this issue. Only those who manually add the cookie middleware to the handler stack or construct the client with `['cookies' => true]` are affected. Moreover, those who do not use the same Guzzle client to call multiple domains and have disabled redirect forwarding are not affected by this vulnerability.\n\n### Patches\n\nAffected Guzzle 7 users should upgrade to Guzzle 7.4.3 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.6 or 7.4.3.\n\n### Workarounds\n\nIf you do not need support for cookies, turn off the cookie middleware. It is already off by default, but if you have turned it on and no longer need it, turn it off.\n\n### References\n\n* [RFC6265 Section 5.3](https://datatracker.ietf.org/doc/html/rfc6265#section-5.3)\n* [RFC9110 Section 15.4](https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx)\n\n### For more information\n\nIf you have any questions or comments about this advisory, please get in touch with us in `#guzzle` on the [PHP HTTP Slack](https://php-http.slack.com/). Do not report additional security advisories in that public channel, however - please follow our [vulnerability reporting process](https://github.com/guzzle/guzzle/security/policy).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29248","reference_id":"","reference_type":"","scores":[{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70414","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70528","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70554","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70555","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70546","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70515","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70507","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70465","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.7048","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70471","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.7041","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70431","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-29248.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-29248.yaml"},{"reference_url":"https://github.com/guzzle/guzzle","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/guzzle"},{"reference_url":"https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:51Z/"}],"url":"https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab"},{"reference_url":"https://github.com/guzzle/guzzle/pull/3018","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:51Z/"}],"url":"https://github.com/guzzle/guzzle/pull/3018"},{"reference_url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:51Z/"}],"url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29248","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29248"},{"reference_url":"https://www.debian.org/security/2022/dsa-5246","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:51Z/"}],"url":"https://www.debian.org/security/2022/dsa-5246"},{"reference_url":"https://www.drupal.org/sa-core-2022-010","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:51Z/"}],"url":"https://www.drupal.org/sa-core-2022-010"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011636","reference_id":"1011636","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011636"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://github.com/advisories/GHSA-cwmx-hcrq-mhc3","reference_id":"GHSA-cwmx-hcrq-mhc3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cwmx-hcrq-mhc3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-29248","GHSA-cwmx-hcrq-mhc3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-674z-nf4t-b7ez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51029?format=json","vulnerability_id":"VCID-6ads-gs3n-dubh","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30458","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43969","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43931","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43954","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.4398","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44002","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43932","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43982","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43984","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.58825","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.58842","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.58864","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.58859","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.5879","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.58826","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.5884","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30458"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/wikimedia/parsoid/CVE-2021-30458.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/wikimedia/parsoid/CVE-2021-30458.yaml"},{"reference_url":"https://github.com/wikimedia/mediawiki-services-parsoid","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki-services-parsoid"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30458","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30458"},{"reference_url":"https://phabricator.wikimedia.org/T279451","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T279451"},{"reference_url":"https://www.mediawiki.org/wiki/Parsoid","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mediawiki.org/wiki/Parsoid"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://github.com/advisories/GHSA-5pqx-77vf-85rw","reference_id":"GHSA-5pqx-77vf-85rw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5pqx-77vf-85rw"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30458","GHSA-5pqx-77vf-85rw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ads-gs3n-dubh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80688?format=json","vulnerability_id":"VCID-73p6-esc6-tydd","summary":"mediawiki: potential XSS via MediaWiki:blanknamespace outputting Block Logs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35478.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35478","reference_id":"","reference_type":"","scores":[{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63353","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63413","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63441","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63406","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63457","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63475","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63477","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63442","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63476","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63483","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63469","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63487","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63501","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63497","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63471","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35478"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909234","reference_id":"1909234","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909234"},{"reference_url":"https://security.archlinux.org/ASA-202101-22","reference_id":"ASA-202101-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-22"},{"reference_url":"https://security.archlinux.org/AVG-1371","reference_id":"AVG-1371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1371"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-35478"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73p6-esc6-tydd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80690?format=json","vulnerability_id":"VCID-7ar6-14bb-yfc5","summary":"mediawiki: divergent behavior for contributions and user pages of hidden users and missing users","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35480.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35480.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35480","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56945","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5704","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57062","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57039","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5709","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57092","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57104","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57083","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57059","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57086","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5706","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56995","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57015","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56997","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56947","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909240","reference_id":"1909240","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909240"},{"reference_url":"https://security.archlinux.org/ASA-202101-22","reference_id":"ASA-202101-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-22"},{"reference_url":"https://security.archlinux.org/AVG-1371","reference_id":"AVG-1371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1371"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-35480"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ar6-14bb-yfc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17014?format=json","vulnerability_id":"VCID-7eba-7gsc-hbfg","summary":"X-Forwarded-For header allows brute-forcing autoblocked IP addresses\nAn issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29141","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48401","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48509","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48448","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48449","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48426","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48447","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52609","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52461","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52518","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52555","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52545","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52594","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675"},{"reference_url":"https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/"}],"url":"https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7"},{"reference_url":"https://phabricator.wikimedia.org/T285159","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/"}],"url":"https://phabricator.wikimedia.org/T285159"},{"reference_url":"https://www.debian.org/security/2023/dsa-5447","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/"}],"url":"https://www.debian.org/security/2023/dsa-5447"},{"reference_url":"https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.10"},{"reference_url":"https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mediawiki.org/wiki/Release_notes/1.38#MediaWiki_1.38.6"},{"reference_url":"https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mediawiki.org/wiki/Release_notes/1.39#MediaWiki_1.39.3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2183627","reference_id":"2183627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2183627"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29141","reference_id":"CVE-2023-29141","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29141"},{"reference_url":"https://github.com/advisories/GHSA-5vj8-g3qg-4qh6","reference_id":"GHSA-5vj8-g3qg-4qh6","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5vj8-g3qg-4qh6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/","reference_id":"ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/","reference_id":"ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-18T16:02:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2023-29141","GHSA-5vj8-g3qg-4qh6"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7eba-7gsc-hbfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90959?format=json","vulnerability_id":"VCID-7j54-uz1w-y3dn","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41801","reference_id":"","reference_type":"","scores":[{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59289","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59219","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59293","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59317","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59281","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59332","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59345","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59364","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59348","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.5933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59362","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59369","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.5935","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59327","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59347","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59331","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801"},{"reference_url":"https://security.archlinux.org/AVG-2434","reference_id":"AVG-2434","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2434"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-41801"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7j54-uz1w-y3dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51024?format=json","vulnerability_id":"VCID-7m3q-wuh7-k7fn","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30154.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30154.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30154","reference_id":"","reference_type":"","scores":[{"value":"0.00814","scoring_system":"epss","scoring_elements":"0.74345","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00814","scoring_system":"epss","scoring_elements":"0.74306","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00814","scoring_system":"epss","scoring_elements":"0.74316","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00814","scoring_system":"epss","scoring_elements":"0.7434","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00814","scoring_system":"epss","scoring_elements":"0.74349","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00814","scoring_system":"epss","scoring_elements":"0.74347","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78187","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78195","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78133","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78181","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78142","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01115","scoring_system":"epss","scoring_elements":"0.78154","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946690","reference_id":"1946690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946690"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30154"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7m3q-wuh7-k7fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80686?format=json","vulnerability_id":"VCID-812q-n5hg-u7dx","summary":"mediawiki: message recentchanges-legend-watchlistexpiry can contain raw html","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35474.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35474.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35474","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64378","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64462","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64422","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6447","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64486","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64489","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64461","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64495","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64507","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64499","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6452","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64533","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64532","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35474"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909227","reference_id":"1909227","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909227"},{"reference_url":"https://security.archlinux.org/ASA-202101-22","reference_id":"ASA-202101-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-22"},{"reference_url":"https://security.archlinux.org/AVG-1371","reference_id":"AVG-1371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1371"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-35474"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-812q-n5hg-u7dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51026?format=json","vulnerability_id":"VCID-8sqw-6aae-13f5","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30157.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30157.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30157","reference_id":"","reference_type":"","scores":[{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.72843","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.72793","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.72804","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.72796","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.72837","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.72846","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77076","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77055","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.7705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.76989","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.76995","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77024","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77005","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946692","reference_id":"1946692","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946692"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30157"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8sqw-6aae-13f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31065?format=json","vulnerability_id":"VCID-92hf-r3sb-jbhy","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44855.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44855","reference_id":"","reference_type":"","scores":[{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6395","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63987","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64016","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64002","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63972","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64007","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64019","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64026","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6404","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63977","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63936","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64004","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65514","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65493","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156318","reference_id":"2156318","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156318"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:51:07Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"},{"reference_url":"https://phabricator.wikimedia.org/T293589","reference_id":"T293589","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:51:07Z/"}],"url":"https://phabricator.wikimedia.org/T293589"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-44855"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92hf-r3sb-jbhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31079?format=json","vulnerability_id":"VCID-9346-9aaj-fkfw","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41765.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41765","reference_id":"","reference_type":"","scores":[{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49163","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49088","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49128","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49119","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49129","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49161","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49117","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.4907","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49124","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49121","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49138","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49112","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50723","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50799","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156329","reference_id":"2156329","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156329"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:24:49Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"},{"reference_url":"https://phabricator.wikimedia.org/T309894","reference_id":"T309894","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:24:49Z/"}],"url":"https://phabricator.wikimedia.org/T309894"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-41765"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9346-9aaj-fkfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54173?format=json","vulnerability_id":"VCID-9exs-x5s1-4bhg","summary":"Failure to strip the Cookie header on change in host or HTTP downgrade\n### Impact\n\n`Cookie` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, or on making a request to a server which responds with a redirect to a a URI to a different host, we should not forward the `Cookie` header on. Prior to this fix, only cookies that were managed by our cookie middleware would be safely removed, and any `Cookie` header manually added to the initial request would not be stripped. We now always strip it, and allow the cookie middleware to re-add any cookies that it deems should be there.\n\n### Patches\n\nAffected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4.\n\n### Workarounds\n\nAn alternative approach would be to use your own redirect middleware, rather than ours, if you are unable to upgrade. If you do not require or expect redirects to be followed, one should simply disable redirects all together.\n\n### References\n\n* [RFC9110 Section 15.4](https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx)\n\n### For more information\n\nIf you have any questions or comments about this advisory, please get in touch with us in `#guzzle` on the [PHP HTTP Slack](https://php-http.slack.com/). Do not report additional security advisories in that public channel, however - please follow our [vulnerability reporting process](https://github.com/guzzle/guzzle/security/policy).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31042","reference_id":"","reference_type":"","scores":[{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80898","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80753","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80774","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80771","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80799","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80807","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80824","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80809","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80801","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80841","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80864","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80869","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80881","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31042.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31042.yaml"},{"reference_url":"https://github.com/guzzle/guzzle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/guzzle"},{"reference_url":"https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:32Z/"}],"url":"https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8"},{"reference_url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:32Z/"}],"url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31042","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31042"},{"reference_url":"https://www.debian.org/security/2022/dsa-5246","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:32Z/"}],"url":"https://www.debian.org/security/2022/dsa-5246"},{"reference_url":"https://www.drupal.org/sa-core-2022-011","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:32Z/"}],"url":"https://www.drupal.org/sa-core-2022-011"},{"reference_url":"https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:32Z/"}],"url":"https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012821","reference_id":"1012821","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012821"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://github.com/advisories/GHSA-f2wf-25xc-69c9","reference_id":"GHSA-f2wf-25xc-69c9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f2wf-25xc-69c9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-31042","GHSA-f2wf-25xc-69c9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9exs-x5s1-4bhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32819?format=json","vulnerability_id":"VCID-9g1g-z7d8-c7ah","summary":"Regular Expression Denial of Service in papaparse\nVersions of `papaparse` prior to 5.2.0 are vulnerable to Regular Expression Denial of Service (ReDos). The `parse` function contains a malformed regular expression that takes exponentially longer to process non-numerical inputs. This allows attackers to stall systems and lead to Denial of Service.\n\n\n## Recommendation\n\nUpgrade to version 5.2.0 or later.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36649.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36649.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36649","reference_id":"","reference_type":"","scores":[{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62427","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62317","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62375","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.6237","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62419","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62436","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62455","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62445","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62467","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62474","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62458","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62468","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62484","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62481","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36649","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36649"},{"reference_url":"https://github.com/mholt/PapaParse","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mholt/PapaParse"},{"reference_url":"https://github.com/mholt/PapaParse/commit/235a12758cd77266d2e98fd715f53536b34ad621","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mholt/PapaParse/commit/235a12758cd77266d2e98fd715f53536b34ad621"},{"reference_url":"https://github.com/mholt/PapaParse/issues/777","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mholt/PapaParse/issues/777"},{"reference_url":"https://github.com/mholt/PapaParse/pull/779","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mholt/PapaParse/pull/779"},{"reference_url":"https://github.com/mholt/PapaParse/releases/tag/5.2.0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mholt/PapaParse/releases/tag/5.2.0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36649","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36649"},{"reference_url":"https://snyk.io/vuln/SNYK-JS-PAPAPARSE-564258","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://snyk.io/vuln/SNYK-JS-PAPAPARSE-564258"},{"reference_url":"https://vuldb.com/?ctiid.218004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://vuldb.com/?ctiid.218004"},{"reference_url":"https://vuldb.com/?id.218004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://vuldb.com/?id.218004"},{"reference_url":"https://www.npmjs.com/advisories/1515","reference_id":"","reference_type":"","scores":[],"url":"https://www.npmjs.com/advisories/1515"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160359","reference_id":"2160359","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160359"},{"reference_url":"https://github.com/advisories/GHSA-qvjc-g5vr-mfgr","reference_id":"GHSA-qvjc-g5vr-mfgr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qvjc-g5vr-mfgr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-36649","GHSA-qvjc-g5vr-mfgr","GMS-2020-421"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9g1g-z7d8-c7ah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31061?format=json","vulnerability_id":"VCID-9nnu-4mda-7qg9","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41798.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41798","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36614","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36801","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36637","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36705","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36714","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36679","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36653","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36698","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3668","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3662","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36396","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36365","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36279","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36162","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009507","reference_id":"2009507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009507"},{"reference_url":"https://security.archlinux.org/AVG-2434","reference_id":"AVG-2434","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2434"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-41798"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nnu-4mda-7qg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31075?format=json","vulnerability_id":"VCID-9xyz-wzr8-wqhz","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31090","reference_id":"","reference_type":"","scores":[{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86548","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86529","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86617","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86618","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86599","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86594","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.8658","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86587","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86591","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86576","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03005","scoring_system":"epss","scoring_elements":"0.86547","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04985","scoring_system":"epss","scoring_elements":"0.89733","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31090.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31090.yaml"},{"reference_url":"https://github.com/guzzle/guzzle","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/guzzle"},{"reference_url":"https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md"},{"reference_url":"https://github.com/guzzle/guzzle/blob/7.4.5/CHANGELOG.md","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/guzzle/blob/7.4.5/CHANGELOG.md"},{"reference_url":"https://github.com/guzzle/guzzle/commit/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:50Z/"}],"url":"https://github.com/guzzle/guzzle/commit/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82"},{"reference_url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-25mq-v84q-4j7r","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:50Z/"}],"url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-25mq-v84q-4j7r"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31090","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31090"},{"reference_url":"https://www.debian.org/security/2022/dsa-5246","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:50Z/"}],"url":"https://www.debian.org/security/2022/dsa-5246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014492","reference_id":"1014492","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014492"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://github.com/advisories/GHSA-25mq-v84q-4j7r","reference_id":"GHSA-25mq-v84q-4j7r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-25mq-v84q-4j7r"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:50Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-31090","GHSA-25mq-v84q-4j7r","GMS-2022-2528"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9xyz-wzr8-wqhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51027?format=json","vulnerability_id":"VCID-ad34-frk5-kqds","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30158.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30158","reference_id":"","reference_type":"","scores":[{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69813","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69784","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69794","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69775","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69825","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69838","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69856","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69864","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69851","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69788","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69879","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69801","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69816","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69841","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946698","reference_id":"1946698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946698"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30158"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ad34-frk5-kqds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59672?format=json","vulnerability_id":"VCID-arzd-7xhw-qqb4","summary":"OATHAuth extension in MediaWiki is not implementing rate limit\nAn issue was discovered in the OATHAuth extension in MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across many wikis/sites concurrently.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25827.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25827.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25827","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46852","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46934","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4697","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46987","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46988","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46985","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4701","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46983","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4699","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47046","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47042","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46991","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46977","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46939","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25827.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25827.yaml"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25827","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25827"},{"reference_url":"https://phabricator.wikimedia.org/T251661","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T251661"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903761","reference_id":"1903761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903761"},{"reference_url":"https://github.com/advisories/GHSA-rqvj-fc2x-99q6","reference_id":"GHSA-rqvj-fc2x-99q6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rqvj-fc2x-99q6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-25827","GHSA-rqvj-fc2x-99q6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-arzd-7xhw-qqb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31070?format=json","vulnerability_id":"VCID-av7r-cpew-xkcn","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45038.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45038.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45038","reference_id":"","reference_type":"","scores":[{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.55952","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56084","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56063","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56114","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56119","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56131","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56108","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56091","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56126","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56128","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56098","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56024","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56045","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.5602","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.55973","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45038"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036704","reference_id":"2036704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036704"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-45038"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-av7r-cpew-xkcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57632?format=json","vulnerability_id":"VCID-azup-qzq7-sbh6","summary":"MediaWiki Cross-site Scripting (XSS) vulnerability\nIn MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href =\"javascript... that executes when clicked.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25814.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25814","reference_id":"","reference_type":"","scores":[{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56353","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56339","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.5646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56441","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56492","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56483","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56464","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56498","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56468","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56401","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.5642","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56399","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25814.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25814.yaml"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25814","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25814"},{"reference_url":"https://phabricator.wikimedia.org/T86738","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T86738"},{"reference_url":"https://www.mediawiki.org/wiki/ResourceLoader/Core_modules#mediawiki.jqueryMsg","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mediawiki.org/wiki/ResourceLoader/Core_modules#mediawiki.jqueryMsg"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903774","reference_id":"1903774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903774"},{"reference_url":"https://github.com/advisories/GHSA-4vr7-m8p8-434h","reference_id":"GHSA-4vr7-m8p8-434h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4vr7-m8p8-434h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-25814","GHSA-4vr7-m8p8-434h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-azup-qzq7-sbh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78306?format=json","vulnerability_id":"VCID-b8r6-r39r-3ffm","summary":"MediaWiki: Manualthumb bypasses badFile lookup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36674.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36674.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-36674","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13455","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.131","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13321","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13329","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13301","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13197","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13518","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13312","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13394","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13444","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13418","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13336","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13243","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13241","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-36674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233116","reference_id":"2233116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233116"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/","reference_id":"2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/","reference_id":"6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/","reference_id":"DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/"},{"reference_url":"https://phabricator.wikimedia.org/T335612","reference_id":"T335612","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:27:32Z/"}],"url":"https://phabricator.wikimedia.org/T335612"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2023-36674"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b8r6-r39r-3ffm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6290?format=json","vulnerability_id":"VCID-brg4-rv29-1fgz","summary":"In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27291.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27291.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27291","reference_id":"","reference_type":"","scores":[{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.86827","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.86882","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.86887","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.86891","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.86879","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.8687","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.8685","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.86856","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03141","scoring_system":"epss","scoring_elements":"0.86837","published_at":"2026-04-02T12:55:00Z"},{"value":"0.034","scoring_system":"epss","scoring_elements":"0.87447","published_at":"2026-04-24T12:55:00Z"},{"value":"0.034","scoring_system":"epss","scoring_elements":"0.8743","published_at":"2026-04-21T12:55:00Z"},{"value":"0.034","scoring_system":"epss","scoring_elements":"0.87436","published_at":"2026-04-18T12:55:00Z"},{"value":"0.034","scoring_system":"epss","scoring_elements":"0.87433","published_at":"2026-04-16T12:55:00Z"},{"value":"0.034","scoring_system":"epss","scoring_elements":"0.87468","published_at":"2026-05-05T12:55:00Z"},{"value":"0.034","scoring_system":"epss","scoring_elements":"0.87454","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce"},{"reference_url":"https://github.com/advisories/GHSA-pq64-v7f5-gqh8","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pq64-v7f5-gqh8"},{"reference_url":"https://github.com/pygments/pygments","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pygments/pygments"},{"reference_url":"https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-141.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-141.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27291","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27291"},{"reference_url":"https://www.debian.org/security/2021/dsa-4878","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4878"},{"reference_url":"https://www.debian.org/security/2021/dsa-4889","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4889"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1940603","reference_id":"1940603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1940603"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985574","reference_id":"985574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985574"},{"reference_url":"https://security.archlinux.org/AVG-1662","reference_id":"AVG-1662","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1662"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0781","reference_id":"RHSA-2021:0781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3252","reference_id":"RHSA-2021:3252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4139","reference_id":"RHSA-2021:4139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4150","reference_id":"RHSA-2021:4150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4151","reference_id":"RHSA-2021:4151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4151"},{"reference_url":"https://usn.ubuntu.com/4897-1/","reference_id":"USN-4897-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4897-1/"},{"reference_url":"https://usn.ubuntu.com/4897-2/","reference_id":"USN-4897-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4897-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-27291","GHSA-pq64-v7f5-gqh8","PYSEC-2021-141"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brg4-rv29-1fgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31062?format=json","vulnerability_id":"VCID-c8zy-wsn9-63af","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41799.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41799.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41799","reference_id":"","reference_type":"","scores":[{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50227","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50266","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50296","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50244","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50297","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.5029","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50317","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50291","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.5028","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50324","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50325","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50299","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50274","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50233","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50152","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009511","reference_id":"2009511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009511"},{"reference_url":"https://security.archlinux.org/AVG-2434","reference_id":"AVG-2434","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2434"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-41799"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8zy-wsn9-63af"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31067?format=json","vulnerability_id":"VCID-ckkj-z5nq-akhb","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44857.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44857.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44857","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35294","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35492","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35517","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.354","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35446","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35471","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35481","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35438","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35414","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35454","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35442","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3539","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35156","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35134","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35046","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34925","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45038"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036702","reference_id":"2036702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036702"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-44857"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ckkj-z5nq-akhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80689?format=json","vulnerability_id":"VCID-d6kz-e82q-6kh3","summary":"mediawiki: potential XSS via the month messages such as MediaWiki:january through MediaWiki:december outputting Block Logs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35479.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35479.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35479","reference_id":"","reference_type":"","scores":[{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74971","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74974","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75003","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.7498","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75014","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75025","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75015","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75051","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75059","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75048","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75087","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75092","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75095","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75103","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909237","reference_id":"1909237","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909237"},{"reference_url":"https://security.archlinux.org/ASA-202101-22","reference_id":"ASA-202101-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-22"},{"reference_url":"https://security.archlinux.org/AVG-1371","reference_id":"AVG-1371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1371"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-35479"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6kz-e82q-6kh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78071?format=json","vulnerability_id":"VCID-ea7c-xk4h-13fs","summary":"mediawiki: stored XSS leads to privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3550.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3550.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3550","reference_id":"","reference_type":"","scores":[{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.4022","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.3973","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40167","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40231","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40244","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40205","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40187","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40127","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.39954","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.39939","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.39859","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40245","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240807","reference_id":"2240807","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240807"},{"reference_url":"https://fluidattacks.com/advisories/blondie/","reference_id":"blondie","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T15:57:17Z/"}],"url":"https://fluidattacks.com/advisories/blondie/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/","reference_id":"FU2FGUXXK6TMV6R52VRECLC6XCSQQISY","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T15:57:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/"},{"reference_url":"https://www.mediawiki.org/wiki/MediaWiki/","reference_id":"MediaWiki","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T15:57:17Z/"}],"url":"https://www.mediawiki.org/wiki/MediaWiki/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2023-3550"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ea7c-xk4h-13fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31068?format=json","vulnerability_id":"VCID-eefm-65rj-pyg2","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44858.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44858.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44858","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61568","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61642","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61673","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61643","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61729","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61717","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61698","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61739","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61744","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61727","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61721","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61738","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61731","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61675","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45038"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036698","reference_id":"2036698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036698"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-44858"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eefm-65rj-pyg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94711?format=json","vulnerability_id":"VCID-fnzm-dxb3-v7hr","summary":"An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists. (It shouldn't because they are hidden.) This is related to ApiVisualEditor.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30153","reference_id":"","reference_type":"","scores":[{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41526","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41615","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41644","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.4157","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.4162","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.4163","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41651","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41619","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46018","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57034","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57012","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56945","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56964","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62552","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.626","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30153"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30153","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30153"},{"reference_url":"https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html","reference_id":"094418.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:14:31Z/"}],"url":"https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://phabricator.wikimedia.org/T270453","reference_id":"T270453","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:14:31Z/"}],"url":"https://phabricator.wikimedia.org/T270453"},{"reference_url":"https://lists.wikimedia.org/hyperkitty/list/wikitech-l%40lists.wikimedia.org/message/XYBF5RSTJRMVCP7QBYK7643W75A3KCIY/","reference_id":"XYBF5RSTJRMVCP7QBYK7643W75A3KCIY","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:14:31Z/"}],"url":"https://lists.wikimedia.org/hyperkitty/list/wikitech-l%40lists.wikimedia.org/message/XYBF5RSTJRMVCP7QBYK7643W75A3KCIY/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30153"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fnzm-dxb3-v7hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80687?format=json","vulnerability_id":"VCID-fwb3-kxy8-73hz","summary":"mediawiki: unable to change visibility of log entries when MediaWiki:Mainpage uses Special:MyLanguage","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35477.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35477.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35477","reference_id":"","reference_type":"","scores":[{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64668","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.6472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64748","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64706","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64754","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64769","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64786","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64774","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64747","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64785","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64795","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64782","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64799","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64812","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64809","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64789","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909231","reference_id":"1909231","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909231"},{"reference_url":"https://security.archlinux.org/ASA-202101-22","reference_id":"ASA-202101-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-22"},{"reference_url":"https://security.archlinux.org/AVG-1371","reference_id":"AVG-1371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1371"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-35477"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwb3-kxy8-73hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57902?format=json","vulnerability_id":"VCID-h8jw-brz8-hkfn","summary":"MediaWiki Cross-site Scripting (XSS) vulnerability\nAn issue was discovered in MediaWiki 1.34.x before 1.34.3. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25812.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25812","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.5888","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58817","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58892","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58913","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58881","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58933","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58938","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58957","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58939","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.5892","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58954","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58958","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58937","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58919","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58935","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828"},{"reference_url":"https://gerrit.wikimedia.org/g/mediawiki/core/+/ad4a3ba45fb955aa8c0eb3c83809b16b40a498b9/includes/specials/SpecialContributions.php#592","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gerrit.wikimedia.org/g/mediawiki/core/+/ad4a3ba45fb955aa8c0eb3c83809b16b40a498b9/includes/specials/SpecialContributions.php#592"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25812.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25812.yaml"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25812","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25812"},{"reference_url":"https://phabricator.wikimedia.org/T255918","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T255918"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903767","reference_id":"1903767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903767"},{"reference_url":"https://github.com/advisories/GHSA-rj9p-8jxj-2ch4","reference_id":"GHSA-rj9p-8jxj-2ch4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rj9p-8jxj-2ch4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-25812","GHSA-rj9p-8jxj-2ch4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8jw-brz8-hkfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80685?format=json","vulnerability_id":"VCID-j1bz-4bex-4key","summary":"mediawiki: messages userrights-expiry-current and userrights-expiry-none can contain raw html","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35475.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35475","reference_id":"","reference_type":"","scores":[{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69172","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69188","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.6919","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.6924","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69259","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69281","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69266","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69238","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69277","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69285","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69265","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69316","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69324","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69331","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69308","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35480"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909224","reference_id":"1909224","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909224"},{"reference_url":"https://security.archlinux.org/ASA-202101-22","reference_id":"ASA-202101-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-22"},{"reference_url":"https://security.archlinux.org/AVG-1371","reference_id":"AVG-1371","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1371"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-35475"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1bz-4bex-4key"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19329?format=json","vulnerability_id":"VCID-jm7q-2w3j-buhh","summary":"MediaWiki Denial of Service vulnerability\nAn issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45363","reference_id":"","reference_type":"","scores":[{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93424","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93469","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93463","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93415","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93467","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93464","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93458","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93452","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93433","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93432","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93407","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11025","scoring_system":"epss","scoring_elements":"0.93427","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45363"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki/commit/24c3ef2474c6daa20ed48168d46196a55346dfd8"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html"},{"reference_url":"https://phabricator.wikimedia.org/T333050","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/"}],"url":"https://phabricator.wikimedia.org/T333050"},{"reference_url":"https://www.debian.org/security/2023/dsa-5520","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5520"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45363","reference_id":"CVE-2023-45363","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45363"},{"reference_url":"https://github.com/advisories/GHSA-w5fx-cx7f-6vr9","reference_id":"GHSA-w5fx-cx7f-6vr9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w5fx-cx7f-6vr9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2023-45363","GHSA-w5fx-cx7f-6vr9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jm7q-2w3j-buhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31082?format=json","vulnerability_id":"VCID-jwkd-wdus-6ygg","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47927.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47927.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47927","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1637","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15974","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16379","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16362","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16323","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16255","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16191","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1621","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16248","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16139","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16137","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16097","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16432","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16229","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16315","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47927"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160625","reference_id":"2160625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160625"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/","reference_id":"AP65YEN762IBNQPOYGUVLTQIDLM5XD2A","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:40:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:40:18Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:40:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00011.html"},{"reference_url":"https://phabricator.wikimedia.org/T322637","reference_id":"T322637","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:40:18Z/"}],"url":"https://phabricator.wikimedia.org/T322637"},{"reference_url":"https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce%40lists.wikimedia.org/thread/UEMW64LVEH3BEXCJV43CVS6XPYURKWU3/","reference_id":"UEMW64LVEH3BEXCJV43CVS6XPYURKWU3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:40:18Z/"}],"url":"https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce%40lists.wikimedia.org/thread/UEMW64LVEH3BEXCJV43CVS6XPYURKWU3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-47927"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwkd-wdus-6ygg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51025?format=json","vulnerability_id":"VCID-k1f5-msra-4kam","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30155.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30155.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30155","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54795","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54898","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54901","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.5488","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54855","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.5485","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63542","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63543","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63422","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63558","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63482","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63509","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63473","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63525","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948641","reference_id":"1948641","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948641"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30155"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1f5-msra-4kam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31071?format=json","vulnerability_id":"VCID-m1j5-3ecf-dffj","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28202.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28202.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28202","reference_id":"","reference_type":"","scores":[{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69117","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69083","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69092","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69072","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69122","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.6913","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69137","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69088","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72322","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.7234","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72317","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72356","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72368","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074123","reference_id":"2074123","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074123"},{"reference_url":"https://security.archlinux.org/AVG-2677","reference_id":"AVG-2677","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2677"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-28202"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1j5-3ecf-dffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54061?format=json","vulnerability_id":"VCID-nwsr-ruca-2kha","summary":"Fix failure to strip Authorization header on HTTP downgrade\n### Impact\n\n`Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we should not forward the `Authorization` header on. This is much the same as to how we don't forward on the header if the host changes. Prior to this fix, `https` to `http` downgrades did not result in the `Authorization` header being removed, only changes to the host.\n\n### Patches\n\nAffected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4.\n\n### Workarounds\n\nAn alternative approach would be to use your own redirect middleware, rather than ours, if you are unable to upgrade. If you do not require or expect redirects to be followed, one should simply disable redirects all together.\n\n### References\n\n* [RFC9110 Section 15.4](https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx)\n\n### For more information\n\nIf you have any questions or comments about this advisory, please get in touch with us in `#guzzle` on the [PHP HTTP Slack](https://php-http.slack.com/). Do not report additional security advisories in that public channel, however - please follow our [vulnerability reporting process](https://github.com/guzzle/guzzle/security/policy).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31043","reference_id":"","reference_type":"","scores":[{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80898","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80753","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80774","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80771","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80799","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80807","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80824","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80809","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80801","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80841","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80864","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80869","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.80881","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31043.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31043.yaml"},{"reference_url":"https://github.com/guzzle/guzzle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/guzzle"},{"reference_url":"https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:28Z/"}],"url":"https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8"},{"reference_url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:28Z/"}],"url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31043","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31043"},{"reference_url":"https://www.debian.org/security/2022/dsa-5246","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:28Z/"}],"url":"https://www.debian.org/security/2022/dsa-5246"},{"reference_url":"https://www.drupal.org/sa-core-2022-011","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:28Z/"}],"url":"https://www.drupal.org/sa-core-2022-011"},{"reference_url":"https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:28Z/"}],"url":"https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012821","reference_id":"1012821","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012821"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://github.com/advisories/GHSA-w248-ffj2-4v5q","reference_id":"GHSA-w248-ffj2-4v5q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w248-ffj2-4v5q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-31043","GHSA-w248-ffj2-4v5q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwsr-ruca-2kha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57414?format=json","vulnerability_id":"VCID-pm5t-23j4-6yh6","summary":"MediaWiki Cross-site Scripting (XSS) vulnerability\nAn issue was discovered in MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input). (When jqueryMsg is loaded, it correctly accepts only whitelisted tags in message contents, and escapes all parameters. Situations with an unloaded jqueryMsg are rare in practice, but can for example occur for Special:SpecialPages on a wiki with no extensions installed.)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25828.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25828.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25828","reference_id":"","reference_type":"","scores":[{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59785","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59703","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59777","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59801","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.5977","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59822","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59835","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59839","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59859","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59866","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.5985","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.5982","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59838","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59823","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25828.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25828.yaml"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25828","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25828"},{"reference_url":"https://phabricator.wikimedia.org/T115888","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T115888"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903776","reference_id":"1903776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903776"},{"reference_url":"https://github.com/advisories/GHSA-h8qx-mj6v-2934","reference_id":"GHSA-h8qx-mj6v-2934","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h8qx-mj6v-2934"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-25828","GHSA-h8qx-mj6v-2934"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pm5t-23j4-6yh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95128?format=json","vulnerability_id":"VCID-pw9d-1cwb-tyb9","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28201","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20402","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20849","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20621","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20697","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20759","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20777","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20733","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20668","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20665","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20656","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20543","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2054","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20508","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-28201"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pw9d-1cwb-tyb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31064?format=json","vulnerability_id":"VCID-qjhk-97j6-2qfm","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44854.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44854.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44854","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40491","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40571","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40581","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40562","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40543","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40591","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4056","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40484","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40382","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40368","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4052","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40599","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41846","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41707","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156316","reference_id":"2156316","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156316"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:53:28Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"},{"reference_url":"https://phabricator.wikimedia.org/T292763","reference_id":"T292763","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:53:28Z/"}],"url":"https://phabricator.wikimedia.org/T292763"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-44854"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjhk-97j6-2qfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31078?format=json","vulnerability_id":"VCID-qqvd-cjs3-7kab","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34912.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34912.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34912","reference_id":"","reference_type":"","scores":[{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46482","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46502","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46452","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46507","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.4653","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46568","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46565","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46512","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46494","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46504","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46356","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112772","reference_id":"2112772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112772"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-34912"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqvd-cjs3-7kab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31081?format=json","vulnerability_id":"VCID-qwcp-5hh8-z3gp","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41767.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41767.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41767","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47784","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47754","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47767","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47785","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47832","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47774","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47723","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47777","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47773","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47798","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49333","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49418","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156331","reference_id":"2156331","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156331"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:22:46Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"},{"reference_url":"https://phabricator.wikimedia.org/T316304","reference_id":"T316304","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:22:46Z/"}],"url":"https://phabricator.wikimedia.org/T316304"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-41767"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwcp-5hh8-z3gp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78316?format=json","vulnerability_id":"VCID-ruur-4cvx-cqct","summary":"mediawiki: cross site scripting","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36675.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36675.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-36675","reference_id":"","reference_type":"","scores":[{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.66994","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67055","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67019","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.66993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67042","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67074","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.6706","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67029","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67062","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67076","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67057","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67334","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67333","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67322","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67306","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-36675"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36675"},{"reference_url":"https://www.mediawiki.org/wiki/Release_notes/1.40#Other_changes_in_1.40","reference_id":"1.40#Other_changes_in_1.40","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/"}],"url":"https://www.mediawiki.org/wiki/Release_notes/1.40#Other_changes_in_1.40"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2217428","reference_id":"2217428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2217428"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/","reference_id":"2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/","reference_id":"6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/","reference_id":"DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/"},{"reference_url":"https://phabricator.wikimedia.org/T332889","reference_id":"T332889","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-05T15:24:50Z/"}],"url":"https://phabricator.wikimedia.org/T332889"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2023-36675"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ruur-4cvx-cqct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51023?format=json","vulnerability_id":"VCID-rwtk-hep1-xfaw","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30152.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30152.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30152","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59044","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59116","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59121","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59101","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59081","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59098","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59085","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67041","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.6701","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.66938","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67056","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.66976","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.66975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00526","scoring_system":"epss","scoring_elements":"0.67024","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948636","reference_id":"1948636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948636"},{"reference_url":"https://security.archlinux.org/AVG-1775","reference_id":"AVG-1775","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1775"},{"reference_url":"https://security.gentoo.org/glsa/202107-40","reference_id":"GLSA-202107-40","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-30152"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rwtk-hep1-xfaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31077?format=json","vulnerability_id":"VCID-rz65-w7x5-57hu","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34911.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34911.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34911","reference_id":"","reference_type":"","scores":[{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62828","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62858","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62822","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62873","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62889","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62897","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62875","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62915","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62923","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62902","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62938","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62893","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112770","reference_id":"2112770","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112770"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-34911"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rz65-w7x5-57hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76439?format=json","vulnerability_id":"VCID-sc5s-s7vg-dygq","summary":"mediawiki: denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34506.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34506.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34506","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37892","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38284","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38124","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38101","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38008","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3842","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38444","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38308","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38367","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38383","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38346","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38321","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38369","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38348","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34506"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2279231","reference_id":"2279231","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2279231"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/","reference_id":"FU2FGUXXK6TMV6R52VRECLC6XCSQQISY","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-06T14:48:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/"},{"reference_url":"https://phabricator.wikimedia.org/T357760","reference_id":"T357760","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-06T14:48:08Z/"}],"url":"https://phabricator.wikimedia.org/T357760"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2024-34506"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sc5s-s7vg-dygq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31066?format=json","vulnerability_id":"VCID-sca5-n7rz-rffq","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44856.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44856.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44856","reference_id":"","reference_type":"","scores":[{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38942","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39127","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39116","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39096","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39151","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39121","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39032","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38824","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38802","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.3915","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39069","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39124","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40162","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40301","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156326","reference_id":"2156326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156326"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:49:08Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"},{"reference_url":"https://phabricator.wikimedia.org/T271037","reference_id":"T271037","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:49:08Z/"}],"url":"https://phabricator.wikimedia.org/T271037"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-44856"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sca5-n7rz-rffq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55339?format=json","vulnerability_id":"VCID-ujdn-y48t-pbch","summary":"MediaWiki Special:UserRights exposes the existence of hidden users\nIn MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, Special:UserRights exposes the existence of hidden users.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25813.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25813","reference_id":"","reference_type":"","scores":[{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58548","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58489","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58565","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58595","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58574","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58597","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58584","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58639","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58634","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.586","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.5862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.5864","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58623","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25813.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25813.yaml"},{"reference_url":"https://github.com/wikimedia/mediawiki","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html"},{"reference_url":"https://meta.wikimedia.org/wiki/Special:UserRights","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://meta.wikimedia.org/wiki/Special:UserRights"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25813","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25813"},{"reference_url":"https://phabricator.wikimedia.org/T232568","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T232568"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903764","reference_id":"1903764","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903764"},{"reference_url":"https://github.com/advisories/GHSA-c4rj-wrmq-52rj","reference_id":"GHSA-c4rj-wrmq-52rj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c4rj-wrmq-52rj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2020-25813","GHSA-c4rj-wrmq-52rj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujdn-y48t-pbch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31076?format=json","vulnerability_id":"VCID-wzqf-k99e-vbeu","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31091","reference_id":"","reference_type":"","scores":[{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56634","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.5672","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56741","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56719","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56771","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56775","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56784","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56761","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.5674","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56768","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56742","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.5668","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56697","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31091.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2022-31091.yaml"},{"reference_url":"https://github.com/guzzle/guzzle","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/guzzle"},{"reference_url":"https://github.com/guzzle/guzzle/commit/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:47Z/"}],"url":"https://github.com/guzzle/guzzle/commit/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82"},{"reference_url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-q559-8m2m-g699","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:47Z/"}],"url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-q559-8m2m-g699"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31091","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31091"},{"reference_url":"https://www.debian.org/security/2022/dsa-5246","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:47Z/"}],"url":"https://www.debian.org/security/2022/dsa-5246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014492","reference_id":"1014492","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014492"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"},{"reference_url":"https://github.com/advisories/GHSA-q559-8m2m-g699","reference_id":"GHSA-q559-8m2m-g699","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q559-8m2m-g699"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:04:47Z/"}],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-31091","GHSA-q559-8m2m-g699","GMS-2022-2529"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzqf-k99e-vbeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95129?format=json","vulnerability_id":"VCID-yakw-r8bh-5bde","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28203","reference_id":"","reference_type":"","scores":[{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61785","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61751","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61781","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.618","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61835","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61823","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61803","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61847","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61852","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61829","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61848","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.6184","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41767"},{"reference_url":"https://security.archlinux.org/AVG-2823","reference_id":"AVG-2823","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2823"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2022-28203"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yakw-r8bh-5bde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31063?format=json","vulnerability_id":"VCID-z9d9-aer5-gfa9","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41800.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41800","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38808","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38933","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39016","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39035","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.3925","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39337","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39365","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39164","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39331","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39342","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39374","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.3935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39313","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41801"},{"reference_url":"https://github.com/wikimedia/mediawiki/commit/781caf83dba90c18349f930bbaaa0e89f003f874","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/wikimedia/mediawiki/commit/781caf83dba90c18349f930bbaaa0e89f003f874"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJDYJQWT43GBD6GNQ4OW7JOZ6WQ6DZTN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDBPECBWN6LWNSWIQMVXK6PP4YFEUYHA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX/"},{"reference_url":"https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5"},{"reference_url":"https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41800","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41800"},{"reference_url":"https://phabricator.wikimedia.org/T284419","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://phabricator.wikimedia.org/T284419"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009517","reference_id":"2009517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009517"},{"reference_url":"https://security.archlinux.org/AVG-2434","reference_id":"AVG-2434","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2434"},{"reference_url":"https://github.com/advisories/GHSA-c8wv-qwwc-6j73","reference_id":"GHSA-c8wv-qwwc-6j73","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c8wv-qwwc-6j73"},{"reference_url":"https://security.gentoo.org/glsa/202305-24","reference_id":"GLSA-202305-24","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202305-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037792?format=json","purl":"pkg:deb/debian/mediawiki@1:1.31.16-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1na8-nyq1-yfcy"},{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-2xja-2whv-fqe4"},{"vulnerability":"VCID-32f4-khen-3yez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-424y-cjxg-c7az"},{"vulnerability":"VCID-4dfp-3qk9-j7fg"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-674z-nf4t-b7ez"},{"vulnerability":"VCID-6ads-gs3n-dubh"},{"vulnerability":"VCID-73p6-esc6-tydd"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7ar6-14bb-yfc5"},{"vulnerability":"VCID-7eba-7gsc-hbfg"},{"vulnerability":"VCID-7j54-uz1w-y3dn"},{"vulnerability":"VCID-7m3q-wuh7-k7fn"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-812q-n5hg-u7dx"},{"vulnerability":"VCID-8sqw-6aae-13f5"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-92hf-r3sb-jbhy"},{"vulnerability":"VCID-9346-9aaj-fkfw"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-9exs-x5s1-4bhg"},{"vulnerability":"VCID-9g1g-z7d8-c7ah"},{"vulnerability":"VCID-9nnu-4mda-7qg9"},{"vulnerability":"VCID-9xyz-wzr8-wqhz"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-ad34-frk5-kqds"},{"vulnerability":"VCID-arzd-7xhw-qqb4"},{"vulnerability":"VCID-av7r-cpew-xkcn"},{"vulnerability":"VCID-azup-qzq7-sbh6"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-b8r6-r39r-3ffm"},{"vulnerability":"VCID-brg4-rv29-1fgz"},{"vulnerability":"VCID-c8zy-wsn9-63af"},{"vulnerability":"VCID-ckkj-z5nq-akhb"},{"vulnerability":"VCID-d6kz-e82q-6kh3"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-ea7c-xk4h-13fs"},{"vulnerability":"VCID-eefm-65rj-pyg2"},{"vulnerability":"VCID-fnzm-dxb3-v7hr"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-fwb3-kxy8-73hz"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-h8jw-brz8-hkfn"},{"vulnerability":"VCID-j1bz-4bex-4key"},{"vulnerability":"VCID-jm7q-2w3j-buhh"},{"vulnerability":"VCID-jwkd-wdus-6ygg"},{"vulnerability":"VCID-k1f5-msra-4kam"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-m1j5-3ecf-dffj"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-nwsr-ruca-2kha"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pm5t-23j4-6yh6"},{"vulnerability":"VCID-pw9d-1cwb-tyb9"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qjhk-97j6-2qfm"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-qqvd-cjs3-7kab"},{"vulnerability":"VCID-qwcp-5hh8-z3gp"},{"vulnerability":"VCID-ruur-4cvx-cqct"},{"vulnerability":"VCID-rwtk-hep1-xfaw"},{"vulnerability":"VCID-rz65-w7x5-57hu"},{"vulnerability":"VCID-sc5s-s7vg-dygq"},{"vulnerability":"VCID-sca5-n7rz-rffq"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-ujdn-y48t-pbch"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-wzqf-k99e-vbeu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-yakw-r8bh-5bde"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-z9d9-aer5-gfa9"},{"vulnerability":"VCID-zj5a-p9u4-ducw"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.16-1%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2021-41800","GHSA-c8wv-qwwc-6j73"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z9d9-aer5-gfa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78030?format=json","vulnerability_id":"VCID-zj5a-p9u4-ducw","summary":"mediawiki: XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45360.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45360.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45360","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60249","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6029","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60293","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60236","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60262","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60229","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60279","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60294","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60301","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60323","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6033","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60318","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45363"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247803","reference_id":"2247803","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247803"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/","reference_id":"FU2FGUXXK6TMV6R52VRECLC6XCSQQISY","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T14:08:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/"},{"reference_url":"https://phabricator.wikimedia.org/T340221","reference_id":"T340221","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T14:08:22Z/"}],"url":"https://phabricator.wikimedia.org/T340221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026190?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2wcb-hty6-uyez"},{"vulnerability":"VCID-3zue-5ccg-23hs"},{"vulnerability":"VCID-4yhr-jjt9-afaq"},{"vulnerability":"VCID-5myd-ngfx-5qhb"},{"vulnerability":"VCID-74ej-8sna-jyek"},{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-7wh4-say2-pqap"},{"vulnerability":"VCID-8uw8-ja3w-r3da"},{"vulnerability":"VCID-95d1-mkm6-r3cq"},{"vulnerability":"VCID-a8nh-mvhd-bka7"},{"vulnerability":"VCID-b5ke-cjtq-q3ev"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-den1-257q-euc9"},{"vulnerability":"VCID-e8np-4nbw-t3b3"},{"vulnerability":"VCID-fptt-2t1j-8fec"},{"vulnerability":"VCID-h3d2-nr9e-nqbk"},{"vulnerability":"VCID-h789-pcxv-kbgd"},{"vulnerability":"VCID-k7qb-7hbj-1qc2"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-m1xy-yucr-dqfs"},{"vulnerability":"VCID-m7uw-sa5j-u3bw"},{"vulnerability":"VCID-mbs4-gs37-1fh5"},{"vulnerability":"VCID-pm3s-z5ap-qqay"},{"vulnerability":"VCID-pwjk-pzpj-aff6"},{"vulnerability":"VCID-qpgu-mg6m-vyef"},{"vulnerability":"VCID-sr9a-a6vt-1qgt"},{"vulnerability":"VCID-tutk-y8jg-n7dh"},{"vulnerability":"VCID-v3dp-7stt-tygf"},{"vulnerability":"VCID-vjd5-jv5h-yfhw"},{"vulnerability":"VCID-w51y-hprj-buap"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-wraf-59ce-u3br"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xtd9-wbd9-67ew"},{"vulnerability":"VCID-z3qw-4ejj-uffj"},{"vulnerability":"VCID-z8qp-v64u-tuh8"},{"vulnerability":"VCID-zmax-894d-5kfd"},{"vulnerability":"VCID-ztxx-cc2c-87at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}],"aliases":["CVE-2023-45360"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zj5a-p9u4-ducw"}],"risk_score":"3.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2"}