VIR Vulnerability Intelligence Relay

CVE-2018-0504

unknown
Published 2022-05-13 ยท Modified 2024-05-19
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
โ€”

Description

Mediawiki information disclosure vulnerability

Predictions

Exploit likelihood
30%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact
debian Debian Fixed 5 releases
VersionStatusFixed in
trixie Fixed 1:1.31.1-1
sid Fixed 1:1.31.1-1
forky Fixed 1:1.31.1-1
bullseye Fixed 1:1.31.1-1
bookworm Fixed 1:1.31.1-1

Package impact
EcosystemPackageVulnerableFixed
php Packagistmediawiki/core>=1.27.0,<1.27.51.27.5
php Packagistmediawiki/core>=1.29.0,<1.29.31.29.3
php Packagistmediawiki/core>=1.30.0,<1.30.11.30.1
php Packagistmediawiki/core>=1.31.0,<1.31.11.31.1

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.