Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2021-0477
HistoryOct 13, 2021 - 10:39 p.m.

Updated mediawiki packages fix security vulnerability

2021-10-1322:39:52
Gentoo Foundation
advisories.mageia.org
7

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.8%

JSON

XSS vulnerability in Special:Search. (CVE-2021-41798) ApiQueryBacklinks can cause a full table scan. (CVE-2021-41799) Fix PoolCounter protection of Special:Contributions. (CVE-2021-41800) ReplaceText continues performing actions if the user no longer has the correct permission (such as by being blocked). (CVE-2021-41801)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchmediawiki< 1.35.4-1mediawiki-1.35.4-1.mga8

Related

nessus 4
freebsd 1
openvas 8
debian 2
osv 11
fedora 3
veracode 4
ubuntucve 4
cnvd 3
prion 4
cve 4
debiancve 4
redhatcve 3
github 1
gentoo 1
nessus
nessus
FreeBSD : mediawiki -- multiple vulnerabilities (f84ab297-2285-11ec-9e79-08002789875b)
2021-10-05 00:00:00
Debian DSA-4979-1 : mediawiki - security update
2021-10-04 00:00:00
Debian DLA-2779-1 : mediawiki - LTS security update
2021-10-10 00:00:00
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2021-06-24 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0477)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4979-1)
2021-10-05 00:00:00
MediaWiki < 1.31.16, 1.32.x < 1.35.4, 1.36.x < 1.36.2 Multiple Vulnerabilities - Windows
2021-10-05 00:00:00
debian
debian
[SECURITY] [DSA 4979-1] mediawiki security update
2021-10-01 18:12:47
[SECURITY] [DLA 2779-1] mediawiki security update
2021-10-09 16:26:51
osv
osv
mediawiki - security update
2021-10-01 00:00:00
mediawiki - security update
2021-10-09 00:00:00
CVE-2021-41801
2021-10-11 08:15:06
fedora
fedora
[SECURITY] Fedora 33 Update: mediawiki-1.35.4-1.fc33
2021-10-12 23:47:22
[SECURITY] Fedora 35 Update: mediawiki-1.36.2-1.fc35
2021-10-29 23:18:47
[SECURITY] Fedora 34 Update: mediawiki-1.35.4-1.fc34
2021-10-12 23:45:15
veracode
veracode
Privilege Escalation
2021-10-03 15:12:32
Denial Of Service (DoS)
2021-10-03 13:51:29
Cross-site Scripting (XSS)
2021-10-03 13:51:30
ubuntucve
ubuntucve
CVE-2021-41801
2021-10-11 00:00:00
CVE-2021-41799
2021-10-11 00:00:00
CVE-2021-41798
2021-10-11 00:00:00
cnvd
cnvd
MediaWiki permission permission and access control issues vulnerability (CNVD-2021-84581)
2021-11-01 00:00:00
MediaWiki Denial of Service Vulnerability (CNVD-2022-05528)
2021-10-13 00:00:00
MediaWiki Cross-Site Scripting Vulnerability (CNVD-2022-05529)
2021-10-13 00:00:00
prion
prion
Information disclosure
2021-10-11 08:15:00
Code injection
2021-10-11 08:15:00
Code injection
2021-10-11 08:15:00
cve
cve
CVE-2021-41801
2021-10-11 08:15:00
CVE-2021-41799
2021-10-11 08:15:00
CVE-2021-41798
2021-10-11 08:15:00
debiancve
debiancve
CVE-2021-41801
2021-10-11 08:15:00
CVE-2021-41800
2021-10-11 08:15:00
CVE-2021-41799
2021-10-11 08:15:00
redhatcve
redhatcve
CVE-2021-41798
2021-09-30 20:24:20
CVE-2021-41800
2021-09-30 20:49:13
CVE-2021-41799
2021-09-30 20:24:20
github
github
MediaWiki allows a denial of service
2022-05-24 19:17:14
gentoo
gentoo
MediaWiki: Multiple Vulnerabilities
2023-05-21 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.8%

JSON
Related for MGASA-2021-0477
nessus4freebsd1openvas8debian2osv11fedora3veracode4ubuntucve4cnvd3prion4cve4debiancve4redhatcve3github1gentoo1