Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-45363
HistoryOct 09, 2023 - 12:00 a.m.

CVE-2023-45363

2023-10-0900:00:00
ubuntu.com
ubuntu.com
9
mediawiki
dos attack
redirected pages

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.6%

An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12,
1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows
attackers to cause a denial of service (unbounded loop and
RequestTimeoutException) when querying pages redirected to other variants
with redirects and converttitles set.

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.6%