Envoy 代码问题漏洞

Envoy is an Enphase open source gateway program for connecting smart home devices. A code issue vulnerability exists in Envoy versions 1.33.12, 1.34.10, 1.35.6, 1.36.2, and prior versions, which stems from a reentry error in the JWT authentication configuration that could lead to a crash...

SUSE CVE-2025-62504

Envoy is an open source edge and service proxy. Envoy versions earlier than 1.36.2, 1.35.6, 1.34.10, and 1.33.12 contain a use-after-free vulnerability in the Lua filter. When a Lua script executing in the response phase rewrites a response body so that its size exceeds the configured...

Envoy 资源管理错误漏洞

Envoy is an Enphase open source gateway program for connecting smart home devices. A resource management error vulnerability exists in Envoy versions prior to 1.36.2, prior to 1.35.6, prior to 1.34.10, and prior to 1.33.12, which stems from the presence of post-release reuse of Lua filters, which...

Linux Distros Unpatched Vulnerability : CVE-2022-28202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties ...

CVE-2022-28203

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query...

CVE-2022-28203

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query...

CVE-2022-28203

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query...

CVE-2022-28201

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...

UBUNTU-CVE-2022-28203

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query...

Design/Logic Flaw

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query...

CVE-2022-28203

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query...

PT-2022-18870 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.6 MediaWiki versions 1.36.x prior to 1.36.4 MediaWiki versions 1.37.x prior to 1.37.2 Description: An issue was discovered in MediaWiki where users with the editinterface permission can trigger infinite...

MediaWiki < 1.35.6, 1.36.0 < 1.36.4, 1.37.0 < 1.37.2 Multiple Vulnerabilities - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

CVE-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

Cross site scripting

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

MediaWiki 跨站脚本漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki that stems from the fact that the widthheight,...

CVE-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

CVE-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...