{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","type":"deb","namespace":"debian","name":"mediawiki","version":"1:1.25.5-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.27.1-1","latest_non_vulnerable_version":"1:1.43.8+dfsg-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92746?format=json","vulnerability_id":"VCID-1f7s-dk69-mqg2","summary":"The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the \"Change block\" text.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6727","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.60993","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61069","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61097","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61063","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61111","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61148","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61115","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61156","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61162","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61144","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61132","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61138","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61086","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61136","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61195","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6727"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096","reference_id":"799096","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-6727"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1f7s-dk69-mqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92794?format=json","vulnerability_id":"VCID-1hwd-avxk-fqbs","summary":"The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContributions, (4) Special:MyUploads, and (5) Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted links combined with page view statistics.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8628","reference_id":"","reference_type":"","scores":[{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62967","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62914","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62748","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62806","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62799","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.6285","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62867","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62874","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62852","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62892","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.629","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62879","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62915","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62916","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62868","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8628"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html"},{"reference_url":"https://phabricator.wikimedia.org/T109724","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T109724"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/21/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/21/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/23/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/23/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8628","reference_id":"CVE-2015-8628","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8628"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8628"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hwd-avxk-fqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92769?format=json","vulnerability_id":"VCID-2fva-bc2j-dban","summary":"MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8003","reference_id":"","reference_type":"","scores":[{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66984","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66859","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66831","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.6688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66893","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66913","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66867","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.669","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66914","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66897","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66921","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66935","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66903","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66945","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8003"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8003","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8003"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html"},{"reference_url":"https://phabricator.wikimedia.org/T91850","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T91850"},{"reference_url":"http://www.securitytracker.com/id/1034028","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034028"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8003","reference_id":"CVE-2015-8003","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8003"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8003"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2fva-bc2j-dban"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92793?format=json","vulnerability_id":"VCID-3yt6-jnfb-9fcw","summary":"MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8627","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62621","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62568","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62409","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62467","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62465","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62517","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62533","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62552","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62541","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62518","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62559","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62565","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62547","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62557","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62573","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6257","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6252","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8627"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html"},{"reference_url":"https://phabricator.wikimedia.org/T97897","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T97897"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/21/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/21/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/23/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/23/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8627","reference_id":"CVE-2015-8627","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8627"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8627"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3yt6-jnfb-9fcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92771?format=json","vulnerability_id":"VCID-5fsv-cduw-ybb8","summary":"MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8005","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48609","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48588","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4863","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48652","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48604","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48658","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48655","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48673","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48647","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48659","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48708","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48704","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48645","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48656","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48605","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48521","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48583","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8005"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html"},{"reference_url":"https://phabricator.wikimedia.org/T108616","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T108616"},{"reference_url":"http://www.securitytracker.com/id/1034028","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034028"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8005","reference_id":"CVE-2015-8005","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8005"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8005"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fsv-cduw-ybb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50276?format=json","vulnerability_id":"VCID-cm78-savr-xuf7","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which may allow remote attackers to cause a Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6730","reference_id":"","reference_type":"","scores":[{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51365","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51416","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51443","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51402","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51453","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51496","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51475","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51462","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51505","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51513","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5149","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5145","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51411","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51355","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51405","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51448","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6730"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096","reference_id":"799096","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096"},{"reference_url":"https://security.gentoo.org/glsa/201510-05","reference_id":"GLSA-201510-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-6730"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cm78-savr-xuf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92791?format=json","vulnerability_id":"VCID-e2td-jqbd-vbaa","summary":"The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not perform token comparison in constant time before determining if a debugging message should be logged, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8623.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8624","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29938","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29929","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30405","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30435","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30481","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3029","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3035","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30384","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30387","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30343","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30296","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30312","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30294","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30249","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30068","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29993","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29858","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8624"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html"},{"reference_url":"https://phabricator.wikimedia.org/T119309","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T119309"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/21/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/21/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/23/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/23/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8624","reference_id":"CVE-2015-8624","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8624"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2td-jqbd-vbaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92768?format=json","vulnerability_id":"VCID-fujm-vb7d-vfhe","summary":"The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a file upload using one byte chunks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8002","reference_id":"","reference_type":"","scores":[{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66984","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66859","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66831","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.6688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66893","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66913","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66867","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.669","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66914","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66897","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66921","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66935","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66903","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.66945","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8002"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html"},{"reference_url":"https://phabricator.wikimedia.org/T91205","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T91205"},{"reference_url":"http://www.securitytracker.com/id/1034028","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034028"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8002","reference_id":"CVE-2015-8002","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8002"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fujm-vb7d-vfhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92556?format=json","vulnerability_id":"VCID-mzd9-bu4b-wfar","summary":"The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the \"Change block\" text.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7444","reference_id":"","reference_type":"","scores":[{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63607","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63666","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63692","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63651","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63703","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.6372","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63734","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63719","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63686","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63721","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63731","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63715","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63733","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63746","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63743","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63759","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63808","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7444"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7444"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096","reference_id":"799096","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2013-7444"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzd9-bu4b-wfar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92789?format=json","vulnerability_id":"VCID-nsd6-kt5p-w7fe","summary":"Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1, when is configured with a relative URL, allows remote authenticated users to inject arbitrary web script or HTML via wikitext, as demonstrated by a wikilink to a page named \"javascript:alert('XSS!').\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8622","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53584","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53531","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53487","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53511","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53536","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53505","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53555","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53551","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53601","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53583","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53565","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53607","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53589","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53553","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53566","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53529","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53483","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8622"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html"},{"reference_url":"https://phabricator.wikimedia.org/T117899","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T117899"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/21/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/21/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/23/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/23/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8622","reference_id":"CVE-2015-8622","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8622"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8622"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nsd6-kt5p-w7fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92770?format=json","vulnerability_id":"VCID-qme5-cvje-1fg4","summary":"MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid a change form.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8004","reference_id":"","reference_type":"","scores":[{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36419","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36769","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36929","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36962","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36794","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36859","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36833","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36853","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36837","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36779","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36552","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36521","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36432","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36317","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.3639","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8004"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html"},{"reference_url":"https://phabricator.wikimedia.org/T95589","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T95589"},{"reference_url":"http://www.securitytracker.com/id/1034028","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034028"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8004","reference_id":"CVE-2015-8004","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8004"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8004"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qme5-cvje-1fg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92767?format=json","vulnerability_id":"VCID-rhq2-r3hq-tqc5","summary":"The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file size.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8001","reference_id":"","reference_type":"","scores":[{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.5544","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55318","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55435","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55486","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55487","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55497","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55475","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55458","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55495","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55498","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55476","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55419","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55392","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.5534","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55383","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8001"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html"},{"reference_url":"https://phabricator.wikimedia.org/T91203","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T91203"},{"reference_url":"http://www.securitytracker.com/id/1034028","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034028"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8001","reference_id":"CVE-2015-8001","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8001"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8001"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhq2-r3hq-tqc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50274?format=json","vulnerability_id":"VCID-xj9q-7kq3-x7b4","summary":"Multiple vulnerabilities have been found in MediaWiki, the worst of\n    which may allow remote attackers to cause a Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6728","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3658","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36632","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3665","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36624","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36599","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36645","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36627","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36344","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36314","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36228","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36111","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3618","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36208","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6728"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096","reference_id":"799096","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799096"},{"reference_url":"https://security.gentoo.org/glsa/201510-05","reference_id":"GLSA-201510-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-6728"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xj9q-7kq3-x7b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92790?format=json","vulnerability_id":"VCID-yc9s-xn4z-jbde","summary":"The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8623","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31692","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31685","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32145","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32275","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32313","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32137","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32187","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32216","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32177","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32179","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32158","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32132","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31969","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31842","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31759","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31611","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8623"},{"reference_url":"https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php","reference_id":"","reference_type":"","scores":[],"url":"https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html"},{"reference_url":"https://phabricator.wikimedia.org/T119309","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T119309"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/21/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/21/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/23/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/23/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8623","reference_id":"CVE-2015-8623","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8623"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8623"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yc9s-xn4z-jbde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92792?format=json","vulnerability_id":"VCID-zhp6-af71-57gk","summary":"The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8626","reference_id":"","reference_type":"","scores":[{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70741","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70709","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70533","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70547","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70564","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70541","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70602","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70625","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.7061","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70596","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70641","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70651","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70629","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.7068","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.7069","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70668","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8626"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html"},{"reference_url":"https://phabricator.wikimedia.org/T115522","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T115522"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/21/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/21/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/23/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/23/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.24.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.25.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.26.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8626","reference_id":"CVE-2015-8626","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8626"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930654?format=json","purl":"pkg:deb/debian/mediawiki@1:1.25.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8626"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhp6-af71-57gk"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.25.5-1%3Fdistro=trixie"}