11 matches found
[SECURITY] [DLA 2504-1] mediawiki security update
Debian LTS Advisory DLA-2504-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez December 22, 2020 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.27.7-1deb9u7 CVE ID : CVE-2020-15005 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480 Multiple security...
Debian DLA-2504-1 : mediawiki security update
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work. CVE-2020-15005 Private wikis behind a caching server using the imgauth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them...
Debian: Security Advisory (DLA-2504-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4767-1 : mediawiki - security update
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work: SpecialUserRights could leak whether a user existed or not, multiple code paths lacked HTML sanitisation allowing for cross-site scripting and TOTP validation applied insufficient rate limiting against...
Debian: Security Advisory (DSA-4767-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4767-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4767-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 25, 2020 https://www.debian.org/security/faq -...
Security fix for the ALT Linux 9 package mediawiki version 1.34.2-alt1
Aug. 1, 2020 Vitaly Lipatov 1.34.2-alt1 - new version 1.34.2 with rpmrb script - CVE-2020-15005...
Updated mediawiki packages fix security vulnerability
Updated mediawiki packages fix security vulnerability: In MediaWiki before 1.31.8, private wikis behind a caching server using the imgauth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control...
Fedora: Security Advisory for mediawiki (FEDORA-2020-9c97633708)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
MediaWiki Information Disclosure Vulnerability (Jun 2020) - Windows
MediaWiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-15005
CVE-2020-15005 affects MediaWiki before 1.31.8, 1.32.x, 1.33.x before 1.33.4, and 1.34.x before 1.34.2. The root cause is mishandling of Cache-Control and Vary headers on private wikis behind a caching proxy using the img_auth.php image authorization feature, allowing public caches to store and s...