CVE-2022-41767
Gentoo Linux Security Advisory 202305-24
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. When changes made by an IP address are reassigned to a user (using reassignEdits.php), the changes will still be attributed to the IP address on Special:Contributions when doing a range lookup.
Se descubrió un problema en MediaWiki antes de 1.35.8, 1.36.x y 1.37.x antes de 1.37.5 y 1.38.x antes de 1.38.3. Cuando los cambios realizados por una dirección IP se reasignan a un usuario (usando reassignEdits.php), los cambios aún se atribuirán a la dirección IP en Especial: Contribuciones al realizar una búsqueda de rango.
Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service. Versions greater than or equal to 1.25.2 are affected.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2022-09-29 CVE Reserved
- 2022-12-26 CVE Published
- 2025-03-30 EPSS Updated
- 2025-04-14 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://security.gentoo.org/glsa/202305-24 |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://phabricator.wikimedia.org/T316304 | 2023-05-21 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mediawiki Search vendor "Mediawiki" | Mediawiki Search vendor "Mediawiki" for product "Mediawiki" | < 1.35.8 Search vendor "Mediawiki" for product "Mediawiki" and version " < 1.35.8" | - |
Affected
| ||||||
| Mediawiki Search vendor "Mediawiki" | Mediawiki Search vendor "Mediawiki" for product "Mediawiki" | >= 1.36.0 < 1.37.5 Search vendor "Mediawiki" for product "Mediawiki" and version " >= 1.36.0 < 1.37.5" | - |
Affected
| ||||||
| Mediawiki Search vendor "Mediawiki" | Mediawiki Search vendor "Mediawiki" for product "Mediawiki" | >= 1.38.0 < 1.38.3 Search vendor "Mediawiki" for product "Mediawiki" and version " >= 1.38.0 < 1.38.3" | - |
Affected
| ||||||