CVE-2023-29141
Summary
| CVE | CVE-2023-29141 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-03-31 19:15:00 UTC |
| Updated | 2023-11-07 04:11:00 UTC |
| Description | An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Fedoraproject | Fedora | 37 | All | All | All |
| Application | Mediawiki | Mediawiki | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 37 Update: mediawiki-1.38.6-1.fc37 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] [DLA 3540-1] mediawiki security update | MLIST | lists.debian.org | |
| RELEASE-NOTES-1.39 - mediawiki/core - Gitiles | MISC | gerrit.wikimedia.org | |
| Debian -- Security Information -- DSA-5447-1 mediawiki | DEBIAN | www.debian.org | |
| [SECURITY] Fedora 38 Update: mediawiki-1.39.3-1.fc38 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| Login | MISC | phabricator.wikimedia.org | |
| [SECURITY] Fedora 38 Update: mediawiki-1.39.3-1.fc38 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 37 Update: mediawiki-1.38.6-1.fc37 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | Mailing List |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.