mediawiki vulnerabilities

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the mediawiki package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • M
CVE-2021-30159
<1:1.27.7-1~deb9u8 Not available 10 Apr, 2021
  • M
Incorrect Permission Assignment for Critical Resource
<1:1.27.7-1~deb9u8 Not available 10 Apr, 2021
  • M
Missing Authorization
<1:1.27.7-1~deb9u8 Not available 10 Apr, 2021
  • M
Improper Authentication
<1:1.27.7-1~deb9u8 Not available 07 Apr, 2021
  • H
CVE-2021-27291
<1:1.27.7-1~deb9u8 Not available 18 Mar, 2021
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')
<1:1.27.7-1~deb9u8 Not available 06 Mar, 2021
  • M
Cross-site Scripting (XSS)
<1:1.27.7-1~deb9u7 Not available 18 Dec, 2020
  • M
Information Exposure
<1:1.27.7-1~deb9u7 Not available 18 Dec, 2020
  • M
Improper Input Validation
<1:1.27.7-1~deb9u7 Not available 18 Dec, 2020
  • M
Cross-site Scripting (XSS)
<1:1.27.7-1~deb9u4 Not available 25 Sep, 2020
  • M
Cross-site Scripting (XSS)
<1:1.27.7-1~deb9u4 Not available 25 Sep, 2020
  • H
Improper Restriction of Excessive Authentication Attempts
<1:1.27.7-1~deb9u4 Not available 25 Sep, 2020
  • M
CVE-2020-25813
<1:1.27.7-1~deb9u4 Not available 25 Sep, 2020
  • L
Information Exposure
<1:1.27.7-1~deb9u7 Not available 25 Jun, 2020
  • M
Open Redirect
<1:1.27.7-1~deb9u3 Not available 12 Dec, 2019
  • M
Information Exposure
<1:1.27.7-1~deb9u2 Not available 26 Sep, 2019
  • M
Cross-site Scripting (XSS)
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • H
Improper Input Validation
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • H
Cross-site Request Forgery (CSRF)
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • M
Improper Access Control
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • M
Missing Authorization
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • H
Missing Authentication for Critical Function
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • M
Missing Authorization
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • H
Improper Access Control
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • H
Information Exposure
<1:1.27.7-1~deb9u1 Not available 09 Jun, 2019
  • M
Cross-site Scripting (XSS)
<1:1.27.7-1~deb9u1 Not available 20 Apr, 2019
  • M
Improper Privilege Management
<1:1.27.5-1~deb9u1 Not available 25 Sep, 2018
  • M
Information Exposure Through Log Files
<1:1.27.5-1~deb9u1 Not available 25 Sep, 2018
  • M
Improper Authentication
<1:1.27.5-1~deb9u1 Not available 25 Sep, 2018
  • M
Cross-site Scripting (XSS)
<1:1.19.10+dfsg-1 Not available 27 Jun, 2018