{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","type":"deb","namespace":"debian","name":"mediawiki","version":"1:1.35.13-1+deb11u6","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.39.1-1","latest_non_vulnerable_version":"1:1.43.8+dfsg-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96907?format=json","vulnerability_id":"VCID-3zue-5ccg-23hs","summary":"Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php.  This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67480","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20489","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20647","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20645","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20636","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20524","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2052","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20453","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2054","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20382","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33338","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33202","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33244","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33279","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33283","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.365","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36524","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480"},{"reference_url":"https://phabricator.wikimedia.org/T401053","reference_id":"T401053","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:01:49Z/"}],"url":"https://phabricator.wikimedia.org/T401053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930709?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-67480"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zue-5ccg-23hs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96908?format=json","vulnerability_id":"VCID-m7uw-sa5j-u3bw","summary":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js.  This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67481","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01982","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01915","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01999","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01985","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01984","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02013","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01965","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01957","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01941","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05765","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0573","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05726","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05791","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05689","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481"},{"reference_url":"https://phabricator.wikimedia.org/T251032","reference_id":"T251032","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:13Z/"}],"url":"https://phabricator.wikimedia.org/T251032"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930709?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-67481"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7uw-sa5j-u3bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96909?format=json","vulnerability_id":"VCID-qpgu-mg6m-vyef","summary":"Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C.  This issue affects Scribunto: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1; luasandbox: from * before fea2304f8f6ab30314369a612f4f5b165e68e95a.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67482","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05245","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05303","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05337","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.059","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05756","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05833","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05554","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0567","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05706","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05748","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482"},{"reference_url":"https://phabricator.wikimedia.org/T408135","reference_id":"T408135","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:14Z/"}],"url":"https://phabricator.wikimedia.org/T408135"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930709?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-67482"],"risk_score":0.5,"exploitability":"0.5","weighted_severity":"1.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpgu-mg6m-vyef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96906?format=json","vulnerability_id":"VCID-tutk-y8jg-n7dh","summary":"Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php.  This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67478","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05372","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05376","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0554","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05574","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0561","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05672","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0576","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05618","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05546","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05545","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05607","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05579","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05811","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05818","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478"},{"reference_url":"https://phabricator.wikimedia.org/T385403","reference_id":"T385403","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:08Z/"}],"url":"https://phabricator.wikimedia.org/T385403"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930709?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-67478"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tutk-y8jg-n7dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64768?format=json","vulnerability_id":"VCID-v3dp-7stt-tygf","summary":"MediaWiki: MediaWiki: Cross-site Scripting vulnerability due to improper input neutralization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67475","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01642","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02595","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02432","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02532","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02519","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02507","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02572","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02558","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02425","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06247","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06223","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06203","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06288","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06192","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436176","reference_id":"2436176","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436176"},{"reference_url":"https://phabricator.wikimedia.org/T406664","reference_id":"T406664","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:07Z/"}],"url":"https://phabricator.wikimedia.org/T406664"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930709?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-67475"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3dp-7stt-tygf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64771?format=json","vulnerability_id":"VCID-wraf-59ce-u3br","summary":"MediaWiki: MediaWiki: Vulnerability in parsing and sanitization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67479","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05245","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05303","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05337","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.059","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05756","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05833","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05554","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0567","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05706","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05748","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436184","reference_id":"2436184","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436184"},{"reference_url":"https://phabricator.wikimedia.org/T407131","reference_id":"T407131","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:19Z/"}],"url":"https://phabricator.wikimedia.org/T407131"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930709?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-67479"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wraf-59ce-u3br"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64767?format=json","vulnerability_id":"VCID-z8qp-v64u-tuh8","summary":"MediaWiki: MediaWiki: Vulnerability in ApiFormatXml.Php requiring high privileges","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67484","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09636","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09366","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09368","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09518","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09571","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09536","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09493","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09405","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09565","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09954","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09933","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10019","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10004","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09981","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09879","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12043","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436190","reference_id":"2436190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436190"},{"reference_url":"https://phabricator.wikimedia.org/T401995","reference_id":"T401995","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:02:03Z/"}],"url":"https://phabricator.wikimedia.org/T401995"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930708?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930709?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2025-67484"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8qp-v64u-tuh8"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie"}