Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/930680?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "mediawiki", "version": "1:1.35.2-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:1.35.3-1", "latest_non_vulnerable_version": "1:1.43.8+dfsg-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6299?format=api", "vulnerability_id": "VCID-1na8-nyq1-yfcy", "summary": "An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20270.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42583", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42655", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42672", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42708", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42685", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42673", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42682", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42654", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44732", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.4477", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44662", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.4482", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44911", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44961", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44968", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44828", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44746", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20270" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-9w8r-397f-prfh", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9w8r-397f-prfh" }, { "reference_url": "https://github.com/pygments/pygments", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pygments/pygments" }, { "reference_url": "https://github.com/pygments/pygments/commit/f91804ff4772e3ab41f46e28d370f57898700333", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pygments/pygments/commit/f91804ff4772e3ab41f46e28d370f57898700333" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-140.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-140.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4889", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2021/dsa-4889" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984664", "reference_id": "984664", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984664" }, { "reference_url": "https://security.archlinux.org/AVG-1662", "reference_id": "AVG-1662", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1662" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0781", "reference_id": "RHSA-2021:0781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3252", "reference_id": "RHSA-2021:3252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4139", "reference_id": "RHSA-2021:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4150", "reference_id": "RHSA-2021:4150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4151", "reference_id": "RHSA-2021:4151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4151" }, { "reference_url": "https://usn.ubuntu.com/4885-1/", "reference_id": "USN-4885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4885-1/" }, { "reference_url": "https://usn.ubuntu.com/4897-2/", "reference_id": "USN-4897-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4897-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-20270", "GHSA-9w8r-397f-prfh", "PYSEC-2021-140" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1na8-nyq1-yfcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51028?format=api", "vulnerability_id": "VCID-32f4-khen-3yez", "summary": "Multiple vulnerabilities have been found in MediaWiki, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30159.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30159.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75081", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75112", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75123", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75135", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75124", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75392", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75296", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75287", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75322", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75326", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75329", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75339", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75367", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948638", "reference_id": "1948638", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948638" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://security.gentoo.org/glsa/202107-40", "reference_id": "GLSA-202107-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30159" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-32f4-khen-3yez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51029?format=api", "vulnerability_id": "VCID-6ads-gs3n-dubh", "summary": "Multiple vulnerabilities have been found in MediaWiki, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43931", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43954", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43969", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43984", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43982", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43932", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.44002", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.4398", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.58897", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.58859", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.58864", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.58842", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.58825", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.5884", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.58826", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.5879", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.58838", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30458" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/wikimedia/parsoid/CVE-2021-30458.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/wikimedia/parsoid/CVE-2021-30458.yaml" }, { "reference_url": "https://github.com/wikimedia/mediawiki-services-parsoid", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/wikimedia/mediawiki-services-parsoid" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30458", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30458" }, { "reference_url": "https://phabricator.wikimedia.org/T279451", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://phabricator.wikimedia.org/T279451" }, { "reference_url": "https://www.mediawiki.org/wiki/Parsoid", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mediawiki.org/wiki/Parsoid" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://github.com/advisories/GHSA-5pqx-77vf-85rw", "reference_id": "GHSA-5pqx-77vf-85rw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5pqx-77vf-85rw" }, { "reference_url": "https://security.gentoo.org/glsa/202107-40", "reference_id": "GLSA-202107-40", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202107-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30458", "GHSA-5pqx-77vf-85rw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ads-gs3n-dubh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51024?format=api", "vulnerability_id": "VCID-7m3q-wuh7-k7fn", "summary": "Multiple vulnerabilities have been found in MediaWiki, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30154.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30154.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.74398", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.74306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.74316", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.7434", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.74349", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.74347", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.74345", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00814", "scoring_system": "epss", "scoring_elements": "0.74374", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78133", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78195", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78142", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78172", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78181", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78187", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946690", "reference_id": "1946690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946690" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://security.gentoo.org/glsa/202107-40", "reference_id": "GLSA-202107-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30154" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7m3q-wuh7-k7fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51026?format=api", "vulnerability_id": "VCID-8sqw-6aae-13f5", "summary": "Multiple vulnerabilities have been found in MediaWiki, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30157.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30157.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72804", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72796", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72837", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72846", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.72866", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77076", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.7705", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.76989", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77055", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.76995", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77024", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77005", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77047", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946692", "reference_id": "1946692", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946692" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://security.gentoo.org/glsa/202107-40", "reference_id": "GLSA-202107-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30157" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sqw-6aae-13f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51027?format=api", "vulnerability_id": "VCID-ad34-frk5-kqds", "summary": "Multiple vulnerabilities have been found in MediaWiki, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30158.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30158.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69887", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69784", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69794", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69775", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69825", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69834", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69838", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69813", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69857", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69788", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69851", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69801", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69793", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69879", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946698", "reference_id": "1946698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946698" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://security.gentoo.org/glsa/202107-40", "reference_id": "GLSA-202107-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30158" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ad34-frk5-kqds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6290?format=api", "vulnerability_id": "VCID-brg4-rv29-1fgz", "summary": "In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.86827", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.86882", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.86887", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.86891", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.86879", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.8687", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.8685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.86856", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03141", "scoring_system": "epss", "scoring_elements": "0.86837", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.87433", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.87499", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.87482", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.87468", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.87454", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.87447", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.8743", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.034", "scoring_system": "epss", "scoring_elements": "0.87436", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce" }, { "reference_url": "https://github.com/advisories/GHSA-pq64-v7f5-gqh8", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pq64-v7f5-gqh8" }, { "reference_url": "https://github.com/pygments/pygments", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pygments/pygments" }, { "reference_url": "https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-141.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2021-141.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4878", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2021/dsa-4878" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4889", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2021/dsa-4889" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603", "reference_id": "1940603", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985574", "reference_id": "985574", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985574" }, { "reference_url": "https://security.archlinux.org/AVG-1662", "reference_id": "AVG-1662", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1662" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0781", "reference_id": "RHSA-2021:0781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3252", "reference_id": "RHSA-2021:3252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4139", "reference_id": "RHSA-2021:4139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4150", "reference_id": "RHSA-2021:4150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4151", "reference_id": "RHSA-2021:4151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4151" }, { "reference_url": "https://usn.ubuntu.com/4897-1/", "reference_id": "USN-4897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4897-1/" }, { "reference_url": "https://usn.ubuntu.com/4897-2/", "reference_id": "USN-4897-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4897-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-27291", "GHSA-pq64-v7f5-gqh8", "PYSEC-2021-141" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-brg4-rv29-1fgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94711?format=api", "vulnerability_id": "VCID-fnzm-dxb3-v7hr", "summary": "An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists. (It shouldn't because they are hidden.) This is related to ApiVisualEditor.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41615", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41644", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4157", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4162", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41651", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41619", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41605", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46018", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57012", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.56945", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57034", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.56964", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.626", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62552", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62653", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30153" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30153" }, { "reference_url": "https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html", "reference_id": "094418.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:14:31Z/" } ], "url": "https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://phabricator.wikimedia.org/T270453", "reference_id": "T270453", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:14:31Z/" } ], "url": "https://phabricator.wikimedia.org/T270453" }, { "reference_url": "https://lists.wikimedia.org/hyperkitty/list/wikitech-l%40lists.wikimedia.org/message/XYBF5RSTJRMVCP7QBYK7643W75A3KCIY/", "reference_id": "XYBF5RSTJRMVCP7QBYK7643W75A3KCIY", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:14:31Z/" } ], "url": "https://lists.wikimedia.org/hyperkitty/list/wikitech-l%40lists.wikimedia.org/message/XYBF5RSTJRMVCP7QBYK7643W75A3KCIY/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30153" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fnzm-dxb3-v7hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51025?format=api", "vulnerability_id": "VCID-k1f5-msra-4kam", "summary": "Multiple vulnerabilities have been found in MediaWiki, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30155.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30155.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54894", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54898", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54901", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.5488", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54855", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54875", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.5485", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54795", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54837", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63543", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63422", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63482", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63509", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63525", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63542", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63558", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948641", "reference_id": "1948641", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948641" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://security.gentoo.org/glsa/202107-40", "reference_id": "GLSA-202107-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30155" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1f5-msra-4kam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51023?format=api", "vulnerability_id": "VCID-rwtk-hep1-xfaw", "summary": "Multiple vulnerabilities have been found in MediaWiki, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30152.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30152.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.5915", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59116", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59121", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59101", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59081", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59098", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59085", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59044", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59094", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67041", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.66938", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.6701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.66976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.66975", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67024", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67036", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67056", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948636", "reference_id": "1948636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948636" }, { "reference_url": "https://security.archlinux.org/AVG-1775", "reference_id": "AVG-1775", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1775" }, { "reference_url": "https://security.gentoo.org/glsa/202107-40", "reference_id": "GLSA-202107-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930680?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-30152" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rwtk-hep1-xfaw" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.2-1%3Fdistro=trixie" }