Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-36674HistoryAug 20, 2023 - 6:15 p.m.
CVE-2023-36674
2023-08-2018:15:09
Debian Security Bug Tracker
security-tracker.debian.org
21
mediawiki
security issue
bypass
bad image list
file syntax
0.001 Low
EPSS
Percentile
20.3%
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mediawiki | < 1:1.39.4-1~deb12u1 | mediawiki_1:1.39.4-1~deb12u1_all.deb |
| Debian | 11 | all | mediawiki | < 1:1.35.11-1~deb11u1 | mediawiki_1:1.35.11-1~deb11u1_all.deb |
| Debian | 10 | all | mediawiki | < 1:1.31.16-1+deb10u2 | mediawiki_1:1.31.16-1+deb10u2_all.deb |
| Debian | 999 | all | mediawiki | < 1:1.39.4-1 | mediawiki_1:1.39.4-1_all.deb |
| Debian | 13 | all | mediawiki | < 1:1.39.4-1 | mediawiki_1:1.39.4-1_all.deb |
Related
cve
cve
CVE-2023-36674
2023-08-20 18:15:09
cvelist
cvelist
CVE-2023-36674
2023-08-20 00:00:00
osv
osv
CVE-2023-36674
2023-08-20 18:15:09
BIT-mediawiki-2023-36674
2024-03-06 11:01:24
mediawiki - security update
2023-07-05 00:00:00
ubuntucve
ubuntucve
CVE-2023-36674
2023-08-20 00:00:00
redhatcve
redhatcve
CVE-2023-36674
2023-08-22 17:50:29
veracode
veracode
Remote Code Execution (RCE)
2023-08-06 16:15:22
prion
prion
Design/Logic Flaw
2023-08-20 18:15:00
nessus
nessus
Fedora 37 : mediawiki (2023-d8ae3c122e)
2023-09-02 00:00:00
Fedora 38 : mediawiki (2023-1fcaba0998)
2023-09-02 00:00:00
Fedora 39 : mediawiki (2023-7e9d6015f6)
2023-11-07 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: mediawiki-1.39.4-1.fc38
2023-09-02 01:16:12
[SECURITY] Fedora 37 Update: mediawiki-1.38.7-1.fc37
2023-09-02 01:33:42
[SECURITY] Fedora 39 Update: mediawiki-1.39.4-1.fc39
2023-09-15 19:01:54
openvas
openvas
Fedora: Security Advisory for mediawiki (FEDORA-2023-d8ae3c122e)
2023-09-03 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2023-7e9d6015f6)
2023-09-16 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2023-1fcaba0998)
2023-09-03 00:00:00
mageia
mageia
Updated mediawiki packages fix security vulnerability
2023-07-27 01:07:49
debian
debian
[SECURITY] [DSA 5447-1] mediawiki security update
2023-07-05 17:45:18
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2023-04-21 00:00:00