CVE-2017-0361 log
Source |
|
Severity | High |
Remote | No |
Type | Information disclosure |
Description | MediaWiki before 1.29.2 may leak passwords in plaintext. API parameters may now be marked as "sensitive" to keep their values out of the logs. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-490 | mediawiki | 1.29.1-1 | 1.29.2-1 | High | Fixed | |
AVG-236 | mediawiki | 1.28.0-1 | 1.28.1-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
15 Nov 2017 | ASA-201711-20 | AVG-490 | mediawiki | High | multiple issues |
07 Apr 2017 | ASA-201704-3 | AVG-236 | mediawiki | High | multiple issues |
Notes |
---|
CVE-2017-0361 wasn't correctly fixed in all branches and previous security releases before 1.29.2. |