ecosyste.ms

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS03aHdyLWY3NDUtNXJ3cc4AAiJ1

Moderate EPSS: 0.00415% (0.60818 Percentile) EPSS:

Permalink JSON

MediaWiki information disclosure

Affected Packages	Affected Versions	Fixed Versions
packagist:mediawiki/core	>= 1.33.0, < 1.33.1, >= 1.32.0, < 1.32.4, >= 1.31.0, < 1.31.4	1.33.1, 1.32.4, 1.31.4
4 Dependent packages 10 Dependent repositories 3,268 Downloads total Affected Version Ranges All affected versions 1.31.0, 1.31.1, 1.31.2, 1.31.3, 1.32.0, 1.32.1, 1.32.2, 1.32.3, 1.33.0 All unaffected versions 1.20.3, 1.20.4, 1.20.5, 1.20.6, 1.20.7, 1.20.8, 1.21.0, 1.21.1, 1.21.2, 1.21.3, 1.21.4, 1.21.5, 1.21.6, 1.21.7, 1.21.8, 1.21.9, 1.21.10, 1.21.11, 1.24.0, 1.24.1, 1.24.2, 1.24.3, 1.24.4, 1.24.5, 1.24.6, 1.25.0, 1.25.1, 1.25.2, 1.25.3, 1.25.4, 1.25.5, 1.25.6, 1.26.0, 1.26.1, 1.26.2, 1.26.3, 1.26.4, 1.27.0, 1.27.1, 1.27.2, 1.27.3, 1.27.4, 1.27.5, 1.27.6, 1.27.7, 1.28.0, 1.28.1, 1.28.2, 1.28.3, 1.29.0, 1.29.1, 1.29.2, 1.29.3, 1.30.0, 1.30.1, 1.30.2, 1.31.4, 1.31.5, 1.31.6, 1.31.7, 1.31.8, 1.31.9, 1.31.10, 1.31.11, 1.31.12, 1.31.13, 1.31.14, 1.31.15, 1.31.16, 1.32.4, 1.32.5, 1.32.6, 1.33.1, 1.33.2, 1.33.3, 1.33.4, 1.34.0, 1.34.1, 1.34.2, 1.34.3, 1.34.4, 1.35.0, 1.35.1, 1.35.2, 1.35.3, 1.35.4, 1.35.5, 1.35.6, 1.35.7, 1.35.8, 1.35.9, 1.35.10, 1.35.11, 1.35.12, 1.35.13, 1.35.14, 1.36.0, 1.36.1, 1.36.2, 1.36.3, 1.36.4, 1.37.0, 1.37.1, 1.37.2, 1.37.3, 1.37.4, 1.37.5, 1.37.6, 1.38.0, 1.38.1, 1.38.2, 1.38.3, 1.38.4, 1.38.5, 1.38.6, 1.38.7, 1.39.0, 1.39.1, 1.39.2, 1.39.3, 1.39.4, 1.39.5, 1.39.6, 1.39.7, 1.39.8, 1.39.9, 1.39.10, 1.39.11, 1.39.12, 1.39.13, 1.40.0, 1.40.1, 1.40.2, 1.40.3, 1.40.4, 1.41.0, 1.41.1, 1.41.2, 1.41.3, 1.41.4, 1.41.5, 1.42.0, 1.42.1, 1.42.2, 1.42.3, 1.42.4, 1.42.5, 1.42.6, 1.42.7, 1.43.0, 1.43.1, 1.43.2

In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.

References: