Mediawikwi reports:
(T285159, CVE-2023-PENDING) SECURITY: X-Forwarded-For header allows
brute-forcing autoblocked IP addresses.
(T326946, CVE-2020-36649) SECURITY: Bundled PapaParse copy in
VisualEditor has known ReDos.
(T330086, CVE-2023-PENDING) SECURITY: OATHAuth allows replay attacks when
MediaWiki is configured without ObjectCache; Insecure Default Configuration.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | mediawiki135 | < 1.35.10 | UNKNOWN |
FreeBSD | any | noarch | mediawiki138 | < 1.38.6 | UNKNOWN |
FreeBSD | any | noarch | mediawiki139 | < 1.39.3 | UNKNOWN |