3 matches found
CVE-2023-22912
CVE-2023-22912 affects MediaWiki releases prior to 1.35.9, 1.36.x up to 1.38.x before 1.38.5, and 1.39.x before 1.39.1. The CheckUser TokenManager uses AES-CTR with a repeated nonce, enabling an adversary to decrypt data. Impact is confidentiality of tokens, with network-based exposure and no exp...
MediaWiki < 1.35.9, 1.38.0 < 1.38.5, 1.39.0 < 1.39.1 Information Disclosure Vulnerability - Linux
MediaWiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
MediaWiki < 1.35.9, 1.38.0 < 1.38.5, 1.39.0 < 1.39.1 Multiple Vulnerabilities - Windows
MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...