CVE-2023-36674

2023-08-2000:00:00

ubuntu.com

mediawiki

security issue

bad image list

0.001 Low

EPSS

Percentile

20.3%

JSON

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x
before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is
possible to bypass the Bad image list (aka badFile) by using the thumb
parameter (aka Manualthumb) of the File syntax.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchmediawiki< anyUNKNOWN
ubuntu20.04noarchmediawiki< anyUNKNOWN
ubuntu22.04noarchmediawiki< anyUNKNOWN