Описание
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | released | 1:1.31.2-1 |
| disco | ignored | end of life |
| eoan | released | 1:1.31.2-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | released | 1:1.31.2-1 |
| esm-apps/jammy | released | 1:1.31.2-1 |
| esm-apps/noble | released | 1:1.31.2-1 |
| esm-infra-legacy/trusty | DNE |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Pri ...
Уязвимость программного средства для реализации гипертекстовой среды MediaWiki, связанная с передачей недопустимых заголовков в API, позволяющая нарушителю несанкционированный доступ к защищаемой информации
EPSS
5 Medium
CVSS2
7.5 High
CVSS3