AVG-2676 log
| Package | mediawiki |
| Status | Not affected |
| Severity | Critical |
| Type | unknown |
| Affected | 1.37.1-1 |
| Fixed | 1.37.2-1 |
| Current | 1.42.3-1 [extra] |
| Ticket | None |
| Created | Tue Apr 12 20:59:40 2022 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2022-28209 | Critical | Unknown | Unknown | An issue was discovered in Mediawiki through 1.37.1. The check for the override-antispoof permission in the AntiSpoof extension is incorrect. |
| CVE-2022-28206 | Critical | Unknown | Unknown | An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidator.php in the FileImporter extension mishandles the check for edit rights. |
| CVE-2022-28205 | Critical | Unknown | Unknown | An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future. |
| Notes |
|---|
affected extensions not included |