CVE-2023-36674 : An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x befor

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.

Published 2023-08-20 18:15:10

Updated 2024-10-08 15:35:10

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2023-36674

Mediawiki » Mediawiki
Versions from including (>=) 1.36.0 and before (<) 1.38.7
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
Matching versions
Mediawiki » Mediawiki
Versions from including (>=) 1.39.0 and before (<) 1.39.4
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
Matching versions
Mediawiki » Mediawiki
Versions before (<) 1.35.11
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
Matching versions
Mediawiki » Mediawiki » Version: 1.40.0
cpe:2.3:a:mediawiki:mediawiki:1.40.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-36674

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-36674

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: None

CWE ids for CVE-2023-36674

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2023-36674

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/

[SECURITY] Fedora 37 Update: mediawiki-1.38.7-1.fc37 - package-announce - Fedora Mailing-Lists

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/

[SECURITY] Fedora 39 Update: mediawiki-1.39.4-1.fc39 - package-announce - Fedora Mailing-Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/

[SECURITY] Fedora 38 Update: mediawiki-1.39.4-1.fc38 - package-announce - Fedora Mailing-Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UIVGYECQGTUC2LLPVCZBPDLCTOHL2F6/

[SECURITY] Fedora 37 Update: mediawiki-1.38.7-1.fc37 - package-announce - Fedora Mailing-Lists
https://phabricator.wikimedia.org/T335612

⚓ T335612 CVE-2023-36674: Manualthumb bypasses badFile lookup
Issue Tracking;Patch
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOAXEGYBOEM4JWB4J3BDH73NK2LCYC3O/

[SECURITY] Fedora 38 Update: mediawiki-1.39.4-1.fc38 - package-announce - Fedora Mailing-Lists

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CHRX6DSLAMVXCV2YMJEWOLTBEYSESE5/

[SECURITY] Fedora 39 Update: mediawiki-1.39.4-1.fc39 - package-announce - Fedora Mailing-Lists

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-36674

Products affected by CVE-2023-36674

Exploit prediction scoring system (EPSS) score for CVE-2023-36674

CVSS scores for CVE-2023-36674

CWE ids for CVE-2023-36674

References for CVE-2023-36674