VulnerableCode Package Details - pkg:deb/debian/mediawiki@1:1.39.10-1~deb12u1

Search for packages

Package details: pkg:deb/debian/mediawiki@1:1.39.10-1~deb12u1

Essentials
History (7)

purl	pkg:deb/debian/mediawiki@1:1.39.10-1~deb12u1
Tags	Ghost

Next non-vulnerable version	1:1.43.1+dfsg-2
Latest non-vulnerable version	1:1.43.1+dfsg-2
Risk	2.0

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-5p4h-zz1t-rufv Aliases: CVE-2025-32699	Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.	1:1.39.12-1~deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-8r94-4gcj-kqf7 Aliases: CVE-2025-3469	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	1:1.39.12-1~deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1:1.43.0+dfsg-1 Affected by 0 other vulnerabilities. 1:1.43.1+dfsg-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-bh3d-zm2d-kyb5 Aliases: CVE-2025-32700	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseLog.Php, includes/Pager/AbuseLogPager.Php, includes/Special/SpecialAbuseLog.Php, includes/View/AbuseFilterViewExamine.Php. This issue affects AbuseFilter: from >= 1.43.0 before 1.43.1.	1:1.39.12-1~deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-fbhc-3z4g-sbhq Aliases: CVE-2025-32697	Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki: before 1.42.6, 1.43.1.	1:1.39.12-1~deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1:1.43.0+dfsg-1 Affected by 0 other vulnerabilities. 1:1.43.1+dfsg-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-n4rb-218x-3fbx Aliases: CVE-2025-32696	Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	1:1.39.12-1~deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-te4z-gmum-57er Aliases: CVE-2025-32698	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	1:1.39.12-1~deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-vge4-wfm4-r3dr Aliases: CVE-2025-32072	Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.	1:1.39.12-1~deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1:1.43.1+dfsg-2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-04-23T12:05:19.460238+00:00	Debian Importer	Affected by	VCID-vge4-wfm4-r3dr	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T05:50:20.492879+00:00	Debian Importer	Affected by	VCID-n4rb-218x-3fbx	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T04:52:41.230261+00:00	Debian Importer	Affected by	VCID-5p4h-zz1t-rufv	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T04:20:14.680227+00:00	Debian Importer	Affected by	VCID-te4z-gmum-57er	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T04:09:56.463029+00:00	Debian Importer	Affected by	VCID-bh3d-zm2d-kyb5	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-11T09:15:39.624853+00:00	Debian Importer	Affected by	VCID-fbhc-3z4g-sbhq	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-11T07:13:48.376954+00:00	Debian Importer	Affected by	VCID-8r94-4gcj-kqf7	https://security-tracker.debian.org/tracker/data/json	36.0.0