CVE-2021-30156

Опубликовано: 06 апр. 2021

Источник: redhat

CVSS3: 5.4

Описание

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.

In mediawiki package, the "Special:Contributions" functionality can leak information that a "hidden" user exists.

Отчет

The mediawiki package was removed from OpenShift Container Platform (OCP) in version 4.3, therefore for OCP 4 has been marked as out of support scope.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenShift Container Platform 3.11	mediawiki	Will not fix
Red Hat OpenShift Container Platform 4	mediawiki	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=1948643mediawiki: Special: Contributions toolbar reveals existence of hidden users

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2021-30156

CVSS3: 4.3

ubuntu

почти 5 лет назад

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.

CVE-2021-30156

CVSS3: 4.3

nvd

почти 5 лет назад

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.

CVE-2021-30156

CVSS3: 4.3

debian

почти 5 лет назад

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...

GHSA-4w3g-mpj2-j247

CVSS3: 4.3

github

больше 3 лет назад

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.

5.4 Medium

CVSS3