mediawiki -- multiple vulnerabilities

Affected packages
mediawiki135 < 1.35.11
mediawiki138 < 1.38.7
mediawiki139 < 1.39.4


VuXML ID 95dad123-180e-11ee-86ba-080027eda32c
Discovery 2023-04-21
Entry 2023-07-01

MediaWiki reports:

(T335203, CVE-2023-29197) Upgrade guzzlehttp/psr7 to >= 1.9.1/2.4.5.

(T335612, CVE-2023-36674) Manualthumb bypasses badFile lookup.

(T332889, CVE-2023-36675) XSS in BlockLogFormatter due to unsafe message use.


CVE Name CVE-2023-29197
CVE Name CVE-2023-36674
CVE Name CVE-2023-36675