Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/930709?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "mediawiki", "version": "1:1.43.6+dfsg-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:1.43.6+dfsg-2", "latest_non_vulnerable_version": "1:1.43.8+dfsg-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96907?format=api", "vulnerability_id": "VCID-3zue-5ccg-23hs", "summary": "Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67480", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2053", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20647", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20645", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20636", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20524", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2052", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20489", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20382", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20453", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2054", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20517", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33338", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33244", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33279", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33283", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3337", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36524", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67480" }, { "reference_url": "https://phabricator.wikimedia.org/T401053", "reference_id": "T401053", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:01:49Z/" } ], "url": "https://phabricator.wikimedia.org/T401053" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930708?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67480" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3zue-5ccg-23hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96908?format=api", "vulnerability_id": "VCID-m7uw-sa5j-u3bw", "summary": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01954", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01999", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01985", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01984", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02013", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01965", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01982", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01915", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05726", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05689", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67481" }, { "reference_url": "https://phabricator.wikimedia.org/T251032", "reference_id": "T251032", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:13Z/" } ], "url": "https://phabricator.wikimedia.org/T251032" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930708?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67481" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7uw-sa5j-u3bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64766?format=api", "vulnerability_id": "VCID-n22t-95dq-p7hr", "summary": "MediaWiki: MediaWiki: Cross-site scripting vulnerability in page preview functionality", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67483.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67483.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67483", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01954", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01999", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01985", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01984", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02013", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01965", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01982", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01915", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05726", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05689", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436188", "reference_id": "2436188", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436188" }, { "reference_url": "https://phabricator.wikimedia.org/T409226", "reference_id": "T409226", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:02:18Z/" } ], "url": "https://phabricator.wikimedia.org/T409226" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930620?format=api", "purl": "pkg:deb/debian/mediawiki@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67483" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n22t-95dq-p7hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96909?format=api", "vulnerability_id": "VCID-qpgu-mg6m-vyef", "summary": "Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C. This issue affects Scribunto: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1; luasandbox: from * before fea2304f8f6ab30314369a612f4f5b165e68e95a.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67482", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05245", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05303", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05337", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05913", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.059", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05911", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05554", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05497", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05507", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0567", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05706", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05742", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05748", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05756", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05833", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67482" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67482" }, { "reference_url": "https://phabricator.wikimedia.org/T408135", "reference_id": "T408135", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:14Z/" } ], "url": "https://phabricator.wikimedia.org/T408135" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930708?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67482" ], "risk_score": 0.5, "exploitability": "0.5", "weighted_severity": "1.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpgu-mg6m-vyef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64770?format=api", "vulnerability_id": "VCID-s9d6-rtuj-u3hy", "summary": "MediaWiki: MediaWiki: Cross-site Scripting vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67477.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67477.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01954", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01999", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01985", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01984", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02013", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01965", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01982", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01915", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05726", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05689", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67477" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436175", "reference_id": "2436175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436175" }, { "reference_url": "https://phabricator.wikimedia.org/T406639", "reference_id": "T406639", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:18Z/" } ], "url": "https://phabricator.wikimedia.org/T406639" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930620?format=api", "purl": "pkg:deb/debian/mediawiki@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67477" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9d6-rtuj-u3hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96906?format=api", "vulnerability_id": "VCID-tutk-y8jg-n7dh", "summary": "Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05372", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05376", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0554", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05574", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0561", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05611", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05618", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05672", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0576", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0551", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05545", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05583", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05607", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05579", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05811", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05818", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67478" }, { "reference_url": "https://phabricator.wikimedia.org/T385403", "reference_id": "T385403", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:08Z/" } ], "url": "https://phabricator.wikimedia.org/T385403" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930708?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67478" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tutk-y8jg-n7dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64768?format=api", "vulnerability_id": "VCID-v3dp-7stt-tygf", "summary": "MediaWiki: MediaWiki: Cross-site Scripting vulnerability due to improper input neutralization", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67475.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01642", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02591", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02519", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02507", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02572", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02541", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02558", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02595", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02589", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02443", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02425", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02432", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02532", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06247", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06223", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06203", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06288", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06192", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67475" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436176", "reference_id": "2436176", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436176" }, { "reference_url": "https://phabricator.wikimedia.org/T406664", "reference_id": "T406664", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:29:07Z/" } ], "url": "https://phabricator.wikimedia.org/T406664" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930708?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67475" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v3dp-7stt-tygf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64771?format=api", "vulnerability_id": "VCID-wraf-59ce-u3br", "summary": "MediaWiki: MediaWiki: Vulnerability in parsing and sanitization", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67479.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05245", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05303", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05337", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05913", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.059", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05911", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05554", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05497", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05507", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0567", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05706", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05742", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05748", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05756", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05833", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67479" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436184", "reference_id": "2436184", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436184" }, { "reference_url": "https://phabricator.wikimedia.org/T407131", "reference_id": "T407131", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:26:19Z/" } ], "url": "https://phabricator.wikimedia.org/T407131" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930708?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67479" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wraf-59ce-u3br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64767?format=api", "vulnerability_id": "VCID-z8qp-v64u-tuh8", "summary": "MediaWiki: MediaWiki: Vulnerability in ApiFormatXml.Php requiring high privileges", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67484.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09647", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09366", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09368", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09518", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09571", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09536", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09493", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09405", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09565", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09636", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09613", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09933", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09879", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09954", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10019", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09981", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12073", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436190", "reference_id": "2436190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436190" }, { "reference_url": "https://phabricator.wikimedia.org/T401995", "reference_id": "T401995", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T21:02:03Z/" } ], "url": "https://phabricator.wikimedia.org/T401995" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/930615?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930708?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930613?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7831-8u7z-6fep" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930618?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-buwp-69zb-93hs" }, { "vulnerability": "VCID-cbtm-g4t5-u3am" }, { "vulnerability": "VCID-d5vz-puw9-t7er" }, { "vulnerability": "VCID-kw32-af5a-hqg8" }, { "vulnerability": "VCID-q7k6-59z5-d7a7" }, { "vulnerability": "VCID-wktm-ya6k-v7dv" }, { "vulnerability": "VCID-x8t7-agtn-zudu" }, { "vulnerability": "VCID-xdct-ca96-3uat" }, { "vulnerability": "VCID-zmax-894d-5kfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930709?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930616?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930617?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kw32-af5a-hqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059637?format=api", "purl": "pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67484" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8qp-v64u-tuh8" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1%3Fdistro=trixie" }