CVE-2017-0361 log

Severity High
Remote No
Type Information disclosure
MediaWiki before 1.29.2 may leak passwords in plaintext. API parameters may now be marked as "sensitive" to keep their values out of the logs.
Group Package Affected Fixed Severity Status Ticket
AVG-490 mediawiki 1.29.1-1 1.29.2-1 High Fixed
AVG-236 mediawiki 1.28.0-1 1.28.1-1 High Fixed
Date Advisory Group Package Severity Type
15 Nov 2017 ASA-201711-20 AVG-490 mediawiki High multiple issues
07 Apr 2017 ASA-201704-3 AVG-236 mediawiki High multiple issues
CVE-2017-0361 wasn't correctly fixed in all branches and previous security releases before 1.29.2.