VulnerableCode Package Details - pkg:alpm/archlinux/mediawiki@1.31.0-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-4nj4-8zju-aaac Aliases: CVE-2018-13258 GHSA-2c28-7gwv-cpgf	Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible.	1.31.1-1 Affected by 0 other vulnerabilities.
VCID-azqw-d7r1-aaad Aliases: CVE-2018-0503 GHSA-mhfv-9h99-jwg7	Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.	1.31.1-1 Affected by 0 other vulnerabilities.
VCID-sa8w-pzne-aaas Aliases: CVE-2018-0505 GHSA-5c6w-f4w2-2grp	Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock	1.31.1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-4nj4-8zju-aaac
Aliases:
CVE-2018-13258
GHSA-2c28-7gwv-cpgf

Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible.

1.31.1-1
Affected by 0 other vulnerabilities.

VCID-azqw-d7r1-aaad
Aliases:
CVE-2018-0503
GHSA-mhfv-9h99-jwg7

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.

1.31.1-1
Affected by 0 other vulnerabilities.

VCID-sa8w-pzne-aaas
Aliases:
CVE-2018-0505
GHSA-5c6w-f4w2-2grp

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock

1.31.1-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:53.388047+00:00	Arch Linux Importer	Affected by	VCID-azqw-d7r1-aaad	https://security.archlinux.org/AVG-765	36.0.0
2025-03-28T07:46:53.354375+00:00	Arch Linux Importer	Affected by	VCID-sa8w-pzne-aaas	https://security.archlinux.org/AVG-765	36.0.0
2025-03-28T07:46:53.319675+00:00	Arch Linux Importer	Affected by	VCID-4nj4-8zju-aaac	https://security.archlinux.org/AVG-765	36.0.0
2024-09-18T02:02:14.180372+00:00	Arch Linux Importer	Affected by	VCID-azqw-d7r1-aaad	https://security.archlinux.org/AVG-765	34.0.1
2024-09-18T02:02:14.153698+00:00	Arch Linux Importer	Affected by	VCID-sa8w-pzne-aaas	https://security.archlinux.org/AVG-765	34.0.1
2024-09-18T02:02:14.126933+00:00	Arch Linux Importer	Affected by	VCID-4nj4-8zju-aaac	https://security.archlinux.org/AVG-765	34.0.1
2024-01-03T22:28:16.426326+00:00	Arch Linux Importer	Affected by	VCID-azqw-d7r1-aaad	https://security.archlinux.org/AVG-765	34.0.0rc1
2024-01-03T22:28:16.404917+00:00	Arch Linux Importer	Affected by	VCID-sa8w-pzne-aaas	https://security.archlinux.org/AVG-765	34.0.0rc1
2024-01-03T22:28:16.380734+00:00	Arch Linux Importer	Affected by	VCID-4nj4-8zju-aaac	https://security.archlinux.org/AVG-765	34.0.0rc1