VulnerableCode Package Details - pkg:deb/debian/mediawiki@1:1.39.13-1~deb12u1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3w12-rj24-uqds		CVE-2025-6595
VCID-6mzr-p5f8-3qd1	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	CVE-2025-32698
VCID-d7vh-6t1f-6fcz		CVE-2025-6590
VCID-e75u-66tu-kqcj	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	CVE-2025-3469
VCID-ev4v-equp-q3c2		CVE-2025-6594
VCID-f7sj-37hx-jufx		CVE-2025-6591
VCID-kx4b-gpc1-aqa8		CVE-2025-6593
VCID-nu2f-76a5-nucp	Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.	CVE-2025-32072
VCID-sk2r-zb1q-mygn	mediawiki: group-.*-member messages are not properly escaped on Special:log/rights	CVE-2023-51704
VCID-ue85-5gy8-2bdw		CVE-2025-6597
VCID-yjgw-hrsr-q3bz	Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.	CVE-2025-32699
VCID-zh3t-wu8f-73b5	Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki: before 1.42.6, 1.43.1.	CVE-2025-32697
VCID-zzg3-w43c-bybp	Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	CVE-2025-32696

Vulnerability

Summary

Aliases

VCID-3w12-rj24-uqds

CVE-2025-6595

VCID-6mzr-p5f8-3qd1

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.

CVE-2025-32698

VCID-d7vh-6t1f-6fcz

CVE-2025-6590

VCID-e75u-66tu-kqcj

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.

CVE-2025-3469

VCID-ev4v-equp-q3c2

CVE-2025-6594

VCID-f7sj-37hx-jufx

CVE-2025-6591

VCID-kx4b-gpc1-aqa8

CVE-2025-6593

VCID-nu2f-76a5-nucp

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.

CVE-2025-32072

VCID-sk2r-zb1q-mygn

mediawiki: group-.*-member messages are not properly escaped on Special:log/rights

CVE-2023-51704

VCID-ue85-5gy8-2bdw

CVE-2025-6597

VCID-yjgw-hrsr-q3bz

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.

CVE-2025-32699

VCID-zh3t-wu8f-73b5

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki: before 1.42.6, 1.43.1.

CVE-2025-32697

VCID-zzg3-w43c-bybp

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.

CVE-2025-32696

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-09-10T04:54:21.215285+00:00	Debian Oval Importer	Fixing	VCID-ev4v-equp-q3c2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T04:49:26.621687+00:00	Debian Oval Importer	Fixing	VCID-6mzr-p5f8-3qd1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T03:17:05.585223+00:00	Debian Oval Importer	Fixing	VCID-zzg3-w43c-bybp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T01:24:53.000947+00:00	Debian Oval Importer	Fixing	VCID-kx4b-gpc1-aqa8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T00:07:47.015711+00:00	Debian Oval Importer	Fixing	VCID-3w12-rj24-uqds	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-10T00:04:27.825821+00:00	Debian Oval Importer	Fixing	VCID-sk2r-zb1q-mygn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T22:57:35.033868+00:00	Debian Oval Importer	Fixing	VCID-e75u-66tu-kqcj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T22:44:03.986245+00:00	Debian Oval Importer	Fixing	VCID-yjgw-hrsr-q3bz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T21:11:15.012127+00:00	Debian Oval Importer	Fixing	VCID-f7sj-37hx-jufx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T20:38:31.596639+00:00	Debian Oval Importer	Fixing	VCID-ue85-5gy8-2bdw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T20:07:24.216365+00:00	Debian Oval Importer	Fixing	VCID-d7vh-6t1f-6fcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T19:54:57.596547+00:00	Debian Oval Importer	Fixing	VCID-nu2f-76a5-nucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:42:49.992911+00:00	Debian Importer	Fixing	VCID-zh3t-wu8f-73b5	https://security-tracker.debian.org/tracker/data/json	37.0.0