VulnerableCode Package Details - pkg:alpm/archlinux/mediawiki@1.36.2-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3tye-xqmf-aaaa	MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.	CVE-2021-41798
VCID-7kgb-jke8-aaan	The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog)	CVE-2021-41801
VCID-ah5y-k5sb-aaap	MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.	CVE-2021-41800 GHSA-c8wv-qwwc-6j73
VCID-fbrx-yzny-aaae	MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan.	CVE-2021-41799

Vulnerability

Summary

Aliases

VCID-3tye-xqmf-aaaa

MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.

CVE-2021-41798

VCID-7kgb-jke8-aaan

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog)

CVE-2021-41801

VCID-ah5y-k5sb-aaap

MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.

CVE-2021-41800
GHSA-c8wv-qwwc-6j73

VCID-fbrx-yzny-aaae

MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan.

CVE-2021-41799

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:27.415077+00:00	Arch Linux Importer	Fixing	VCID-3tye-xqmf-aaaa	https://security.archlinux.org/AVG-2434	36.0.0
2025-03-28T07:46:27.396446+00:00	Arch Linux Importer	Fixing	VCID-fbrx-yzny-aaae	https://security.archlinux.org/AVG-2434	36.0.0
2025-03-28T07:46:27.377774+00:00	Arch Linux Importer	Fixing	VCID-ah5y-k5sb-aaap	https://security.archlinux.org/AVG-2434	36.0.0
2025-03-28T07:46:27.359091+00:00	Arch Linux Importer	Fixing	VCID-7kgb-jke8-aaan	https://security.archlinux.org/AVG-2434	36.0.0
2024-09-18T02:01:43.759786+00:00	Arch Linux Importer	Fixing	VCID-3tye-xqmf-aaaa	https://security.archlinux.org/AVG-2434	34.0.1
2024-09-18T02:01:43.675377+00:00	Arch Linux Importer	Fixing	VCID-fbrx-yzny-aaae	https://security.archlinux.org/AVG-2434	34.0.1
2024-09-18T02:01:43.589962+00:00	Arch Linux Importer	Fixing	VCID-ah5y-k5sb-aaap	https://security.archlinux.org/AVG-2434	34.0.1
2024-09-18T02:01:43.478019+00:00	Arch Linux Importer	Fixing	VCID-7kgb-jke8-aaan	https://security.archlinux.org/AVG-2434	34.0.1
2024-01-03T22:27:49.536532+00:00	Arch Linux Importer	Fixing	VCID-3tye-xqmf-aaaa	https://security.archlinux.org/AVG-2434	34.0.0rc1
2024-01-03T22:27:49.517466+00:00	Arch Linux Importer	Fixing	VCID-fbrx-yzny-aaae	https://security.archlinux.org/AVG-2434	34.0.0rc1
2024-01-03T22:27:49.498549+00:00	Arch Linux Importer	Fixing	VCID-ah5y-k5sb-aaap	https://security.archlinux.org/AVG-2434	34.0.0rc1
2024-01-03T22:27:49.479114+00:00	Arch Linux Importer	Fixing	VCID-7kgb-jke8-aaan	https://security.archlinux.org/AVG-2434	34.0.0rc1