Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5447-1:AE4AE
HistoryJul 05, 2023 - 5:45 p.m.

[SECURITY] [DSA 5447-1] mediawiki security update

2023-07-0517:45:18
lists.debian.org
11
cve
unix
tracker page
debian
mailing list
cross-site scripting
bug
upgrade
mediawiki
information disclosure
security update
vandalism protections

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

68.9%

JSON

Debian Security Advisory DSA-5447-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
July 05, 2023 https://www.debian.org/security/faq

Package : mediawiki
CVE ID : CVE-2023-29141 CVE-2023-36674 CVE-2023-36675
Debian Bug : 1039075

Multiple security issues were discovered in MediaWiki, a website engine
for collaborative work, which could result in cross-site scripting, a
bypass of vandalism protections or information disclosure.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:1.35.11-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:1.39.4-1~deb12u1.

We recommend that you upgrade your mediawiki packages.

For the detailed security status of mediawiki please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mediawiki

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Related

osv 8
openvas 13
nessus 8
fedora 5
mageia 2
freebsd 1
veracode 3
debiancve 3
redhatcve 3
redos 1
nvd 3
cve 3
cvelist 3
prion 3
ubuntucve 3
debian 1
osv
osv
mediawiki - security update
2023-07-05 00:00:00
BIT-mediawiki-2023-36674
2024-03-06 11:01:24
CVE-2023-36675
2023-06-26 01:15:09
openvas
openvas
Debian: Security Advisory (DSA-5447-1)
2023-07-07 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2023-7e9d6015f6)
2023-09-16 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2023-d8ae3c122e)
2023-09-03 00:00:00
nessus
nessus
Debian DSA-5447-1 : mediawiki - security update
2023-07-06 00:00:00
Fedora 38 : mediawiki (2023-1fcaba0998)
2023-09-02 00:00:00
Fedora 37 : mediawiki (2023-d8ae3c122e)
2023-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: mediawiki-1.38.7-1.fc37
2023-09-02 01:33:42
[SECURITY] Fedora 39 Update: mediawiki-1.39.4-1.fc39
2023-09-15 19:01:54
[SECURITY] Fedora 38 Update: mediawiki-1.39.4-1.fc38
2023-09-02 01:16:12
mageia
mageia
Updated mediawiki packages fix security vulnerability
2023-07-27 01:07:49
Updated mediawiki packages fix security vulnerability
2023-06-28 08:21:41
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2023-04-21 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2023-08-06 16:15:22
Cross-Site Scripting (XSS)
2023-06-29 07:29:05
Improper Access Control
2023-08-06 13:11:13
debiancve
debiancve
CVE-2023-36675
2023-06-26 01:15:09
CVE-2023-36674
2023-08-20 18:15:09
CVE-2023-29141
2023-03-31 19:15:07
redhatcve
redhatcve
CVE-2023-36675
2023-06-26 08:47:12
CVE-2023-36674
2023-08-22 17:50:29
CVE-2023-29141
2023-03-31 21:43:00
redos
redos
ROS-20240404-12
2024-04-04 00:00:00
nvd
nvd
CVE-2023-36675
2023-06-26 01:15:09
CVE-2023-36674
2023-08-20 18:15:09
CVE-2023-29141
2023-03-31 19:15:07
cve
cve
CVE-2023-36674
2023-08-20 18:15:09
CVE-2023-36675
2023-06-26 01:15:09
CVE-2023-29141
2023-03-31 19:15:07
cvelist
cvelist
CVE-2023-36675
2023-06-26 00:00:00
CVE-2023-36674
2023-08-20 00:00:00
CVE-2023-29141
2023-03-31 00:00:00
prion
prion
Design/Logic Flaw
2023-06-26 01:15:00
Design/Logic Flaw
2023-08-20 18:15:00
Design/Logic Flaw
2023-03-31 19:15:00
ubuntucve
ubuntucve
CVE-2023-36674
2023-08-20 00:00:00
CVE-2023-36675
2023-06-26 00:00:00
CVE-2023-29141
2023-03-31 00:00:00
debian
debian
[SECURITY] [DLA 3540-1] mediawiki security update
2023-08-22 23:08:59

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

68.9%

JSON
Related for DEBIAN:DSA-5447-1:AE4AE
osv8openvas13nessus8fedora5mageia2freebsd1veracode3debiancve3redhatcve3redos1nvd3cve3cvelist3prion3ubuntucve3debian1