CVE-2016-6331

Опубликовано: 20 апр. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to bypass intended per-title read restrictions via a parse action to api.php.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	1.27.1
cosmic	not-affected	1.27.1
devel	not-affected	1.27.1
disco	not-affected	1.27.1
esm-apps/bionic	not-affected	1.27.1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needed]
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 38%

0.00166

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-6331

CVSS3: 7.5

nvd

почти 9 лет назад

ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to bypass intended per-title read restrictions via a parse action to api.php.

CVE-2016-6331

CVSS3: 7.5

debian

почти 9 лет назад

ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x ...

GHSA-fp5m-f325-vm83

CVSS3: 7.5

github

больше 3 лет назад

ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to bypass intended per-title read restrictions via a parse action to api.php.

EPSS

Процентиль: 38%

0.00166

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-6331

Описание

Пакет mediawiki

Ссылки на источники

Связанные уязвимости