Lucene search
K

4 matches found

OSV
OSV
added 2024/03/06 11:4 a.m.19 views

BIT-MEDIAWIKI-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

7.5CVSS7.3AI score0.01191EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/06/28 1:15 p.m.3 views

CVE-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

7.5CVSS5.9AI score0.01191EPSS
Exploits0References4
Prion
Prion
added 2022/06/28 1:15 p.m.17 views

Code injection

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

5CVSS7.3AI score0.01191EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/06/28 12:20 p.m.61 views

CVE-2022-34750

CVE-2022-34750 : PT and vendor docs show a Wikibase/MediaWiki DoS issue due to unbounded merge requests. Affected: Wikibase extension for MediaWiki in versions 1.35.x–1.35.11, 1.36.x–1.39.4, and 1.40.x–1.40.0. Root cause: no rate limiting on item merging. Fixes are available in: Wikibase 1.35.12 ...

7.5CVSS7.2AI score0.01191EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder