mediawiki/core vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the mediawiki/core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting

>=0.0.0
  • M
Cross-site Scripting (XSS)

<1.35.12 >=1.36.0, <1.39.5 >=1.40.0, <1.40.1
  • M
Information Exposure

<1.35.12 >=1.36.0, <1.39.5 >=1.40.0, <1.40.1
  • M
Permission Issues

<1.39.5 >=1.40.0, <1.40.1
  • H
Denial of Service (DoS)

<1.35.12 >=1.39.0, <1.39.5 >=1.40.0, <1.40.1
  • H
Cross-site Scripting (XSS)

>=1.40.0
  • M
Arbitrary File Upload

<1.35.11 >=1.38.0, <1.38.7 >=1.39.0, <1.39.4 >=1.40.0-rc.0, <1.40.0
  • M
Cross-site Scripting (XSS)

>=0.0.0
  • L
Cross-site Scripting (XSS)

<1.35.11 >=1.36.0, <1.38.7 >=1.39.0, <1.39.4 >=1.40.0, <1.40.1
  • M
Information Exposure

<1.35.8 >=1.36.0, <1.37.5 >=1.38.0, <1.38.3
  • M
Information Exposure

<1.31.13 >=1.32.0, <1.35.2
  • C
Arbitrary Code Execution

>=0.0.0
  • M
Denial of Service (DoS)

>=0.0.0
  • M
Information Exposure

>=0.0.0
  • M
Information Exposure

>=0.0.0
  • M
Denial of Service (DoS)

<1.35.10 >=1.36.0, <1.38.6 >=1.39.0, <1.39.3
  • M
Denial of Service (DoS)

<1.35.9 >=1.36.0, <1.38.5 >=1.39.0, <1.39.1
  • M
Insecure Permissions

<1.40.0
  • M
Information Exposure

<1.35.8 >=1.36.0, <1.37.5 >=1.38.0, <1.38.3
  • M
Information Exposure

<1.35.5 >=1.36.0, <1.36.3 >=1.37.0, <1.37.1
  • M
Information Exposure

<1.35.5 >=1.36.0, <1.36.3 >=1.37.0, <1.37.1
  • M
Information Exposure

<1.35.8 >=1.36.0, <1.37.5 >=1.38.0, <1.38.3
  • H
Denial of Service (DoS)

<1.35.6 >=1.36.0, <1.36.4 >=1.37.0, <1.37.2
  • H
Denial of Service (DoS)

>=1.37.0, <1.37.2
  • M
Denial of Service (DoS)

<1.35.6 >=1.36.0, <1.36.4 >=1.37.0, <1.37.2
  • M
Access Restriction Bypass

<1.35.8 >=1.36.0, <1.37.5 >=1.38.0, <1.38.3
  • M
Cross-site Scripting (XSS)

<1.39.0-rc.0
  • M
Cross-site Scripting (XSS)

<1.39.0-rc.0
  • H
Denial of Service (DoS)

>=0.0.0
  • M
Information Exposure

>=0.0.0
  • M
Cross-site Scripting (XSS)

<1.38.0-rc.0
  • H
Insecure Permissions

<1.35.6 >=1.36.0, <1.36.4 >=1.37.0, <1.37.2
  • M
Improper Authentication

<1.35.6 >=1.36.0, <1.36.4 >=1.37.0, <1.37.2
  • H
Improper Authorization

<1.35.6 >=1.36.0, <1.36.4 >=1.37.0, <1.37.2
  • M
Information Exposure

<1.23.16 >=1.24.0, <1.27.2 >=1.28.0, <1.28.1
  • H
Denial of Service (DoS)

>=1.37.0, <1.37.1 >=1.36.0, <1.36.3 <1.35.5
  • M
Information Exposure

>=1.37.0, <1.37.1 >=1.36.0, <1.36.3 <1.35.5
  • M
Cross-site Scripting (XSS)

>=1.37.0, <1.37.1 >=1.36.0, <1.36.3 <1.35.5
  • M
Cross-site Request Forgery (CSRF)

>=1.37.0, <1.37.1 >=1.36.0, <1.36.3 <1.35.5
  • M
Cross-site Scripting (XSS)

>=1.37.0, <1.37.1 >=1.36.0, <1.36.3 <1.35.5
  • M
Cross-site Scripting (XSS)

<1.35.5 >=1.36.0, <1.36.3 >=1.37.0, <1.37.1
  • M
Cross-site Scripting (XSS)

<1.35.5 >=1.36.0, <1.36.3 >=1.37.0, <1.37.1
  • M
Cross-site Scripting (XSS)

>=0.0.0
  • M
Access Control Bypass

>=0.0.0
  • H
Arbitrary File Read

<1.35.5 >=1.36.0-rc.0, <1.36.3 >=1.37.0-rc.0
  • H
Arbitrary File Read

<1.35.5 >=1.36.0-rc.0, <1.36.3 >=1.37.0-rc.0
  • H
Directory Traversal

<1.35.5 >=1.36.0-rc.0, <1.36.3 >=1.37.0-rc.0
  • M
Cross-site Scripting (XSS)

>=1.36.0, <1.36.2 >=1.32.0, <1.35.4 <1.31.16
  • M
Denial of Service (DoS)

>=1.36.0, <1.36.2 >=1.32.0, <1.35.4 <1.31.16
  • H
Denial of Service (DoS)

>=1.36.0, <1.36.2 >=1.32.0, <1.35.4 <1.31.16
  • M
Access Restriction Bypass

<1.31.12 >=1.32.0, <1.35.2
  • M
Access Restriction Bypass

>=1.32.0, <1.35.2 <1.31.12
  • M
Improper Access Control

>=1.32.0, <1.35.2 <1.31.13
  • M
Access Restriction Bypass

>=1.32.0, <1.35.2 <1.31.12
  • L
Access Restriction Bypass

<1.31.12 >=1.32.0, <1.35.2
  • M
Cross-site Scripting (XSS)

<1.31.12 >=1.32.0, <1.35.2
  • M
Cross-site Scripting (XSS)

<1.31.12 >=1.32.0, <1.35.2
  • M
Information Exposure

<1.31.11 >=1.35.0, <1.35.1
  • M
Cross-site Request Forgery (CSRF)

<1.31.11 >=1.35.0, <1.35.1
  • L
Open Redirect

>=1.32.0, <1.35.1 <1.31.11
  • M
Cross-site Scripting (XSS)

>=1.32.0, <1.35.1 <1.31.11
  • L
Information Exposure

>=1.32.0, <1.35.1 <1.31.11
  • M
Cross-site Scripting (XSS)

>=1.32.0, <1.35.1 <1.31.11
  • M
Cross-site Scripting (XSS)

>=1.33.0, <1.35.1
  • M
Cross-site Scripting (XSS)

>=1.35.0-rc.0, <1.35.1
  • M
Cross-site Scripting (XSS)

>=1.32.0, <1.34.4 <1.31.10
  • M
Cross-site Scripting (XSS)

>=1.32.0, <1.34.4 <1.31.10
  • H
Information Exposure

>=1.32.0, <1.34.4 <1.31.10
  • M
Improper Input Validation

>=1.31.0, <1.31.6 >=1.32.0, <1.32.6 >=1.33.0, <1.33.2 >=1.33.99, <1.34.0
  • M
Information Exposure

>=1.27.0, <1.27.5 >=1.29.0, <1.29.3 >=1.30.0, <1.30.1 >=1.31.0, <1.31.1
  • M
Improper Input Validation

>=1.27.0, <1.27.5 >=1.29.0, <1.29.3 >=1.30.0, <1.30.1 >=1.31.0, <1.31.1
  • H
Cross-site Request Forgery (CSRF)

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2 >=1.32.0, <1.32.2 >=1.32.99, <1.33.0
  • M
Authentication Bypass

>=1.27.0, <1.27.5 >=1.29.0, <1.29.3 >=1.30.0, <1.30.1 >=1.31.0, <1.31.1
  • H
Improper Access Control

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2 >=1.32.0, <1.32.2
  • H
Denial of Service (DoS)

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2
  • M
Information Exposure

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2 >=1.32.0, <1.32.2
  • M
No Rate Limit or Throttling

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2 >=1.32.0, <1.32.2
  • C
Authentication Bypass

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2 >=1.32.0, <1.32.2
  • M
Cross-site Scripting (XSS)

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2
  • H
Information Exposure

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2 >=1.32.0, <1.32.2
  • M
Improper Access Control

>=1.27.0, <1.27.6 >=1.30.0, <1.30.2 >=1.31.0, <1.31.2 >=1.32.0, <1.32.2
  • M
Insecure Permissions

>=1.31.0, <1.31.1
  • M
Cross-site Scripting (XSS)

>=1.31.0, <1.31.9 >=1.34.0, <1.34.3 >=1.34.99, <1.35.0
  • M
Open Redirect

>=1.34.0, <1.34.1
  • M
Improper Encoding or Escaping of Output

>=1.31.0, <1.31.7 >=1.33.0, <1.33.3 >=1.34.0, <1.34.1
  • M
Information Disclosure

>=1.31.0, <1.31.4 >=1.32.0, <1.32.4 >=1.33.0, <1.33.1
  • M
Access Restriction Bypass

>=1.32.0, <1.34.4 <1.31.10
  • L
Information Exposure

>=1.32.0, <1.34.4 <1.31.10
  • H
Cross-site Scripting (XSS)

>=1.31.0, <1.31.10 >=1.32.0, <1.34.4
  • H
Cross-site Scripting (XSS)

>=1.31.0, <1.31.10 >=1.32.0, <1.34.4
  • M
Cross-site Scripting (XSS)

>=1.31.0, <1.31.10 >=1.32.0, <1.34.4
  • M
Cross-site Scripting (XSS)

>=1.32.0, <1.34.4 >=1.31.0, <1.31.9