Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.7 views

CVE-2022-28201

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...

4.4CVSS6.6AI score0.00403EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2022/10/05 12:0 a.m.99 views

Debian DSA-5246-1 : mediawiki - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5246 advisory. - An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite...

8.1CVSS6.6AI score0.0182EPSS
Exploits3References33
Debian
Debian
added 2022/09/22 2:38 p.m.42 views

[SECURITY] [DLA 3117-1] mediawiki security update

Debian LTS Advisory DLA-3117-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 22, 2022 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.31.16-1+deb10u3 CVE ID : CVE-2021-44856 CVE-2022-28201 CVE-2022-28202 CVE-2022-28203 CVE-2022-34911...

7.5CVSS6.5AI score0.01152EPSS
Exploits2
CVE
CVE
added 2022/09/19 12:0 a.m.76 views

CVE-2022-28201

CVE-2022-28201 affects MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The root cause is an infinite recursion triggered when a user with editinterface permission mishandles a bare local interwiki for the mainpage message. This can lead to a denial of service via recursio...

4.4CVSS5.6AI score0.00403EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2022/04/20 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2022-0145)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.01152EPSS
Exploits3References4
Mageia
Mageia
added 2022/04/18 7:42 a.m.60 views

Updated mediawiki packages fix security vulnerability

Title::newMainPage goes into an infinite recursion loop if it points to a local interwiki CVE-2022-28201. Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete CVE-2022-28202. Requesting Special:NewFiles on a wiki with many file uploads with acto...

7.5CVSS1.5AI score0.01152EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/04/04 12:0 a.m.32 views

FreeBSD : mediawiki -- multiple vulnerabilities (79ea6066-b40e-11ec-8b93-080027b24e86)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 79ea6066-b40e-11ec-8b93-080027b24e86 advisory. - An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x...

7.5CVSS6AI score0.01152EPSS
Exploits3References6
FreeBSD
FreeBSD
added 2021/12/12 12:0 a.m.34 views

mediawiki -- multiple vulnerabilities

Mediawiki reports: T297543, CVE-2022-28202 Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete. T297571, CVE-2022-28201 Title::newMainPage goes into an infinite recursion loop if it points to a local interwiki. T297731, CVE-2022-28203 Requestin...

7.5CVSS1.4AI score0.01152EPSS
Exploits3References1
Rows per page
Query Builder