Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5447-1:AE4AE
HistoryJul 05, 2023 - 5:45 p.m.

[SECURITY] [DSA 5447-1] mediawiki security update

2023-07-0517:45:42
lists.debian.org
9

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

24.2%

JSON

Debian Security Advisory DSA-5447-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
July 05, 2023 https://www.debian.org/security/faq

Package : mediawiki
CVE ID : CVE-2023-29141 CVE-2023-36674 CVE-2023-36675
Debian Bug : 1039075

Multiple security issues were discovered in MediaWiki, a website engine
for collaborative work, which could result in cross-site scripting, a
bypass of vandalism protections or information disclosure.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:1.35.11-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:1.39.4-1~deb12u1.

We recommend that you upgrade your mediawiki packages.

For the detailed security status of mediawiki please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mediawiki

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Related

openvas 13
osv 8
nessus 8
fedora 5
mageia 2
freebsd 1
prion 3
cve 3
redos 1
debiancve 3
veracode 3
ubuntucve 3
redhatcve 3
cvelist 3
debian 1
openvas
openvas
Debian: Security Advisory (DSA-5447-1)
2023-07-07 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2023-7e9d6015f6)
2023-09-16 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2023-d8ae3c122e)
2023-09-03 00:00:00
osv
osv
mediawiki - security update
2023-07-05 00:00:00
CVE-2023-36674
2023-08-20 18:15:09
CVE-2023-36675
2023-06-26 01:15:09
nessus
nessus
Debian DSA-5447-1 : mediawiki - security update
2023-07-06 00:00:00
Fedora 37 : mediawiki (2023-d8ae3c122e)
2023-09-02 00:00:00
Fedora 38 : mediawiki (2023-1fcaba0998)
2023-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: mediawiki-1.39.4-1.fc38
2023-09-02 01:16:12
[SECURITY] Fedora 39 Update: mediawiki-1.39.4-1.fc39
2023-09-15 19:01:54
[SECURITY] Fedora 37 Update: mediawiki-1.38.7-1.fc37
2023-09-02 01:33:42
mageia
mageia
Updated mediawiki packages fix security vulnerability
2023-07-27 01:07:49
Updated mediawiki packages fix security vulnerability
2023-06-28 08:21:41
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2023-04-21 00:00:00
prion
prion
Design/Logic Flaw
2023-06-26 01:15:00
Design/Logic Flaw
2023-08-20 18:15:00
Design/Logic Flaw
2023-03-31 19:15:00
cve
cve
CVE-2023-36674
2023-08-20 18:15:09
CVE-2023-36675
2023-06-26 01:15:09
CVE-2023-29141
2023-03-31 19:15:07
redos
redos
ROS-20240404-12
2024-04-04 00:00:00
debiancve
debiancve
CVE-2023-36675
2023-06-26 01:15:09
CVE-2023-36674
2023-08-20 18:15:09
CVE-2023-29141
2023-03-31 19:15:07
veracode
veracode
Cross-Site Scripting (XSS)
2023-06-29 07:29:05
Remote Code Execution (RCE)
2023-08-06 16:15:22
Improper Access Control
2023-08-06 13:11:13
ubuntucve
ubuntucve
CVE-2023-36674
2023-08-20 00:00:00
CVE-2023-36675
2023-06-26 00:00:00
CVE-2023-29141
2023-03-31 00:00:00
redhatcve
redhatcve
CVE-2023-36675
2023-06-26 08:47:12
CVE-2023-36674
2023-08-22 17:50:29
CVE-2023-29141
2023-03-31 21:43:00
cvelist
cvelist
CVE-2023-36674
2023-08-20 00:00:00
CVE-2023-36675
2023-06-26 00:00:00
CVE-2023-29141
2023-03-31 00:00:00
debian
debian
[SECURITY] [DLA 3540-1] mediawiki security update
2023-08-22 23:09:25

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

24.2%

JSON
Related for DEBIAN:DSA-5447-1:AE4AE
openvas13osv8nessus8fedora5mageia2freebsd1prion3cve3redos1debiancve3veracode3ubuntucve3redhatcve3cvelist3debian1