mediawiki vulnerabilities

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the mediawiki package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • M
CVE-2021-30159
<1:1.35.2-1 Not available 10 Apr, 2021
  • L
CVE-2021-30153
<1:1.35.2-1 Not available 10 Apr, 2021
  • M
Incorrect Permission Assignment for Critical Resource
<1:1.35.2-1 Not available 10 Apr, 2021
  • M
Cross-site Scripting (XSS)
<1:1.35.2-1 Not available 10 Apr, 2021
  • M
Missing Authorization
<1:1.35.2-1 Not available 10 Apr, 2021
  • M
Cross-site Scripting (XSS)
<1:1.35.2-1 Not available 07 Apr, 2021
  • M
Improper Authentication
<1:1.35.2-1 Not available 07 Apr, 2021
  • M
Cross-site Scripting (XSS)
<1:1.35.2-1 Not available 07 Apr, 2021
  • H
CVE-2021-27291
<1:1.35.2-1 Not available 18 Mar, 2021
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')
<1:1.35.2-1 Not available 06 Mar, 2021
  • M
Cross-site Scripting (XSS)
<1:1.35.1-1 Not available 18 Dec, 2020
  • M
Information Exposure
<1:1.35.1-1 Not available 18 Dec, 2020
  • M
Cross-site Scripting (XSS)
<1:1.35.1-1 Not available 18 Dec, 2020
  • H
Improper Encoding or Escaping of Output
<1:1.35.1-1 Not available 18 Dec, 2020
  • M
Improper Input Validation
<1:1.35.1-1 Not available 18 Dec, 2020
  • M
Cross-site Scripting (XSS)
<1:1.35.1-1 Not available 18 Dec, 2020
  • M
Cross-site Scripting (XSS)
<1:1.35.0-1 Not available 25 Sep, 2020
  • M
Cross-site Scripting (XSS)
<1:1.35.0-1 Not available 25 Sep, 2020
  • M
Cross-site Scripting (XSS)
<1:1.35.0-1 Not available 25 Sep, 2020
  • H
Improper Restriction of Excessive Authentication Attempts
<1:1.35.0-1 Not available 25 Sep, 2020
  • M
CVE-2020-25813
<1:1.35.0-1 Not available 25 Sep, 2020
  • M
Cross-site Scripting (XSS)
<1:1.35.0-1 Not available 25 Sep, 2020
  • L
Information Exposure
<1:1.31.8-1 Not available 25 Jun, 2020
  • M
Improper Encoding or Escaping of Output
<1:1.31.7-1 Not available 27 Mar, 2020
  • M
Open Redirect
<1:1.31.6-1 Not available 12 Dec, 2019
  • M
Information Exposure
<1:1.31.4-1 Not available 26 Sep, 2019
  • M
Cross-site Scripting (XSS)
<1:1.31.2-1 Not available 09 Jun, 2019
  • H
Improper Input Validation
<1:1.31.2-1 Not available 09 Jun, 2019
  • H
Cross-site Request Forgery (CSRF)
<1:1.31.2-1 Not available 09 Jun, 2019
  • M
Improper Access Control
<1:1.31.2-1 Not available 09 Jun, 2019