mediawiki/core/.../core vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the mediawiki/core package. This does not include vulnerabilities belonging to this package’s dependencies.

| Severity | Vulnerability | Vulnerable Version |
|---|---|---|
| M | Information Exposure | <1.31.8; >=1.32.0, <1.33.4; >=1.34.0, <1.34.2 |
| M | Cross-site Scripting (XSS) | >=1.20.3, <1.21.9; >=1.22.0, <1.22.6 |
| M | Cross-site Scripting | <1.39.7; >=1.40.0, <1.40.3; >=1.41.0, <1.41.1 |
| M | Resource Exhaustion | <1.39.7; >=1.40.0, <1.40.3; >=1.41.0, <1.41.1 |
| M | Cross-site Scripting | <1.35.14; >=1.39.0, <1.39.6; >=1.40.0, <1.40.2 |
| M | Cross-site Scripting (XSS) | <1.35.12; >=1.36.0, <1.39.5; >=1.40.0, <1.40.1 |
| M | Information Exposure | <1.35.12; >=1.36.0, <1.39.5; >=1.40.0, <1.40.1 |
| M | Permission Issues | <1.39.5; >=1.40.0, <1.40.1 |
| H | Denial of Service (DoS) | <1.35.12; >=1.39.0, <1.39.5; >=1.40.0, <1.40.1 |
| H | Cross-site Scripting (XSS) | >=1.40.0 |
| M | Arbitrary File Upload | <1.35.11; >=1.38.0, <1.38.7; >=1.39.0, <1.39.4; >=1.40.0-rc.0, <1.40.0 |
| L | Cross-site Scripting (XSS) | <1.35.11; >=1.36.0, <1.38.7; >=1.39.0, <1.39.4; >=1.40.0, <1.40.1 |
| M | Information Exposure | <1.35.8; >=1.36.0, <1.37.5; >=1.38.0, <1.38.3 |
| M | Information Exposure | <1.31.13; >=1.32.0, <1.35.2 |
| M | Denial of Service (DoS) | <1.35.10; >=1.36.0, <1.38.6; >=1.39.0, <1.39.3 |
| M | Denial of Service (DoS) | <1.35.9; >=1.36.0, <1.38.5; >=1.39.0, <1.39.1 |
| M | Insecure Permissions | <1.40.0 |
| M | Information Exposure | <1.35.8; >=1.36.0, <1.37.5; >=1.38.0, <1.38.3 |
| M | Information Exposure | <1.35.5; >=1.36.0, <1.36.3; >=1.37.0, <1.37.1 |
| M | Information Exposure | <1.35.5; >=1.36.0, <1.36.3; >=1.37.0, <1.37.1 |
| M | Information Exposure | <1.35.8; >=1.36.0, <1.37.5; >=1.38.0, <1.38.3 |
| H | Denial of Service (DoS) | <1.35.6; >=1.36.0, <1.36.4; >=1.37.0, <1.37.2 |
| H | Denial of Service (DoS) | >=1.37.0, <1.37.2 |
| M | Denial of Service (DoS) | <1.35.6; >=1.36.0, <1.36.4; >=1.37.0, <1.37.2 |
| M | Access Restriction Bypass | <1.35.8; >=1.36.0, <1.37.5; >=1.38.0, <1.38.3 |
| M | Cross-site Scripting (XSS) | <1.39.0-rc.0 |
| M | Cross-site Scripting (XSS) | <1.39.0-rc.0 |
| M | Cross-site Scripting (XSS) | <1.38.0-rc.0 |
| H | Insecure Permissions | <1.35.6; >=1.36.0, <1.36.4; >=1.37.0, <1.37.2 |
| M | Improper Authentication | <1.35.6; >=1.36.0, <1.36.4; >=1.37.0, <1.37.2 |
| H | Improper Authorization | <1.35.6; >=1.36.0, <1.36.4; >=1.37.0, <1.37.2 |
| M | Information Exposure | <1.23.16; >=1.24.0, <1.27.2; >=1.28.0, <1.28.1 |
| H | Denial of Service (DoS) | >=1.37.0, <1.37.1; >=1.36.0, <1.36.3; <1.35.5 |
| M | Information Exposure | >=1.37.0, <1.37.1; >=1.36.0, <1.36.3; <1.35.5 |
| M | Cross-site Scripting (XSS) | >=1.37.0, <1.37.1; >=1.36.0, <1.36.3; <1.35.5 |
| M | Cross-site Request Forgery (CSRF) | >=1.37.0, <1.37.1; >=1.36.0, <1.36.3; <1.35.5 |
| M | Cross-site Scripting (XSS) | >=1.37.0, <1.37.1; >=1.36.0, <1.36.3; <1.35.5 |
| M | Cross-site Scripting (XSS) | <1.35.5; >=1.36.0, <1.36.3; >=1.37.0, <1.37.1 |
| M | Cross-site Scripting (XSS) | <1.35.5; >=1.36.0, <1.36.3; >=1.37.0, <1.37.1 |
| H | Arbitrary File Read | <1.35.5; >=1.36.0-rc.0, <1.36.3; >=1.37.0-rc.0 |
| H | Arbitrary File Read | <1.35.5; >=1.36.0-rc.0, <1.36.3; >=1.37.0-rc.0 |
| H | Directory Traversal | <1.35.5; >=1.36.0-rc.0, <1.36.3; >=1.37.0-rc.0 |
| H | Denial of Service (DoS) | >=1.36.0, <1.36.2; >=1.32.0, <1.35.4; <1.31.16 |
| M | Denial of Service (DoS) | >=1.36.0, <1.36.2; >=1.32.0, <1.35.4; <1.31.16 |
| M | Cross-site Scripting (XSS) | >=1.36.0, <1.36.2; >=1.32.0, <1.35.4; <1.31.16 |
| M | Access Restriction Bypass | <1.31.12; >=1.32.0, <1.35.2 |
| M | Access Restriction Bypass | >=1.32.0, <1.35.2; <1.31.12 |
| M | Improper Access Control | >=1.32.0, <1.35.2; <1.31.13 |
| M | Access Restriction Bypass | >=1.32.0, <1.35.2; <1.31.12 |
| L | Access Restriction Bypass | <1.31.12; >=1.32.0, <1.35.2 |
| M | Cross-site Scripting (XSS) | <1.31.12; >=1.32.0, <1.35.2 |
| M | Cross-site Scripting (XSS) | <1.31.12; >=1.32.0, <1.35.2 |
| M | Information Exposure | <1.31.11; >=1.35.0, <1.35.1 |
| M | Cross-site Request Forgery (CSRF) | <1.31.11; >=1.35.0, <1.35.1 |
| L | Open Redirect | >=1.32.0, <1.35.1; <1.31.11 |
| M | Cross-site Scripting (XSS) | >=1.32.0, <1.35.1; <1.31.11 |
| M | Cross-site Scripting (XSS) | >=1.32.0, <1.35.1; <1.31.11 |
| M | Cross-site Scripting (XSS) | >=1.33.0, <1.35.1 |
| L | Information Exposure | >=1.32.0, <1.35.1; <1.31.11 |
| M | Cross-site Scripting (XSS) | >=1.35.0-rc.0, <1.35.1 |
| M | Cross-site Scripting (XSS) | >=1.32.0, <1.34.4; <1.31.10 |
| M | Cross-site Scripting (XSS) | >=1.32.0, <1.34.4; <1.31.10 |
| H | Information Exposure | >=1.32.0, <1.34.4; <1.31.10 |
| M | Improper Input Validation | >=1.31.0, <1.31.6; >=1.32.0, <1.32.6; >=1.33.0, <1.33.2; >=1.33.99, <1.34.0 |
| M | Information Exposure | >=1.27.0, <1.27.5; >=1.29.0, <1.29.3; >=1.30.0, <1.30.1; >=1.31.0, <1.31.1 |
| M | Improper Input Validation | >=1.27.0, <1.27.5; >=1.29.0, <1.29.3; >=1.30.0, <1.30.1; >=1.31.0, <1.31.1 |
| H | Cross-site Request Forgery (CSRF) | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2; >=1.32.0, <1.32.2; >=1.32.99, <1.33.0 |
| M | Authentication Bypass | >=1.27.0, <1.27.5; >=1.29.0, <1.29.3; >=1.30.0, <1.30.1; >=1.31.0, <1.31.1 |
| H | Improper Access Control | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2; >=1.32.0, <1.32.2 |
| H | Denial of Service (DoS) | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2 |
| M | Information Exposure | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2; >=1.32.0, <1.32.2 |
| M | No Rate Limit or Throttling | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2; >=1.32.0, <1.32.2 |
| C | Authentication Bypass | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2; >=1.32.0, <1.32.2 |
| M | Cross-site Scripting (XSS) | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2 |
| H | Information Exposure | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2; >=1.32.0, <1.32.2 |
| M | Improper Access Control | >=1.27.0, <1.27.6; >=1.30.0, <1.30.2; >=1.31.0, <1.31.2; >=1.32.0, <1.32.2 |
| M | Insecure Permissions | >=1.31.0, <1.31.1 |
| M | Cross-site Scripting (XSS) | >=1.31.0, <1.31.9; >=1.34.0, <1.34.3; >=1.34.99, <1.35.0 |
| M | Open Redirect | >=1.34.0, <1.34.1 |
| M | Improper Encoding or Escaping of Output | >=1.31.0, <1.31.7; >=1.33.0, <1.33.3; >=1.34.0, <1.34.1 |
| M | Information Disclosure | >=1.31.0, <1.31.4; >=1.32.0, <1.32.4; >=1.33.0, <1.33.1 |
| M | Access Restriction Bypass | >=1.32.0, <1.34.4; <1.31.10 |
| L | Information Exposure | >=1.32.0, <1.34.4; <1.31.10 |
| H | Cross-site Scripting (XSS) | >=1.31.0, <1.31.10; >=1.32.0, <1.34.4 |
| H | Cross-site Scripting (XSS) | >=1.31.0, <1.31.10; >=1.32.0, <1.34.4 |
| M | Cross-site Scripting (XSS) | >=1.31.0, <1.31.10; >=1.32.0, <1.34.4 |
| M | Cross-site Scripting (XSS) | >=1.32.0, <1.34.4; >=1.31.0, <1.31.9 |