Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-44854HistoryDec 26, 2022 - 5:15 a.m.
CVE-2021-44854
2022-12-2605:15:10
Debian Security Bug Tracker
security-tracker.debian.org
24
mediawiki
rest api
caching
security issue
private wikis
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
32.4%
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mediawiki | < 1:1.35.5-1 | mediawiki_1:1.35.5-1_all.deb |
| Debian | 11 | all | mediawiki | < 1:1.35.8-1~deb11u1 | mediawiki_1:1.35.8-1~deb11u1_all.deb |
| Debian | 999 | all | mediawiki | < 1:1.35.5-1 | mediawiki_1:1.35.5-1_all.deb |
| Debian | 13 | all | mediawiki | < 1:1.35.5-1 | mediawiki_1:1.35.5-1_all.deb |
Related
cve
cve
CVE-2021-44854
2022-12-26 05:15:10
osv
osv
CVE-2021-44854
2022-12-26 05:15:10
BIT-mediawiki-2021-44854
2024-03-06 11:09:50
mediawiki - security update
2022-10-04 00:00:00
nvd
nvd
CVE-2021-44854
2022-12-26 05:15:10
cvelist
cvelist
CVE-2021-44854
2022-12-26 00:00:00
redhatcve
redhatcve
CVE-2021-44854
2022-12-26 11:34:49
prion
prion
Design/Logic Flaw
2022-12-26 05:15:00
veracode
veracode
Information Disclosure
2021-12-31 23:25:27
ubuntucve
ubuntucve
CVE-2021-44854
2022-12-26 00:00:00
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2021-12-19 15:26:08
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2021-12-01 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0568)
2022-01-28 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2023-30a7a812f0)
2023-01-29 00:00:00
nessus
nessus
FreeBSD : mediawiki -- multiple vulnerabilities (0a50bb48-625f-11ec-a1fb-080027cb2f6f)
2021-12-21 00:00:00
Fedora 37 : mediawiki (2023-30a7a812f0)
2023-01-27 00:00:00
Debian DLA-3117-1 : mediawiki - LTS security update
2022-09-25 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: mediawiki-1.38.5-1.fc37
2023-01-27 08:58:39
debian
debian
[SECURITY] [DSA 5246-1] mediawiki security update
2022-10-04 18:53:33
gentoo
gentoo
MediaWiki: Multiple Vulnerabilities
2023-05-21 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
32.4%
Related for DEBIANCVE:CVE-2021-44854