Nixpkgs security tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: mediawiki

Found 33 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2025-61639
created 4 months, 2 weeks ago Activity log
  • Created suggestion 4 months, 2 weeks ago
Suppressed blocked IP is visible in Special:BlockList, RC, and other places

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.

Affected products

MediaWiki
  • <1.39.14, 1.43.4, 1.44.1

Matching in nixpkgs

pkgs.mediawiki

Collaborative editing software that runs Wikipedia

Package maintainers

Untriaged
Permalink CVE-2025-61634
created 4 months, 2 weeks ago Activity log
  • Created suggestion 4 months, 2 weeks ago
HTML rest endpoint needs PoolCounter and proper parser cache check

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.

Affected products

MediaWiki
  • <1.39.14, 1.43.4, 1.44.1

Matching in nixpkgs

pkgs.mediawiki

Collaborative editing software that runs Wikipedia

Package maintainers

Untriaged
Permalink CVE-2025-61641
created 4 months, 2 weeks ago Activity log
  • Created suggestion 4 months, 2 weeks ago
API list=allpages with maxsize is making really slow queries

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.

Affected products

MediaWiki
  • <1.39.14, 1.43.4, 1.44.1

Matching in nixpkgs

pkgs.mediawiki

Collaborative editing software that runs Wikipedia

Package maintainers