CVE-2023-22909

Published: Jan 10, 2023Modified: Apr 7, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. SpecialMobileHistory allows remote attackers to cause a denial of service because database queries are slow.

Affected (6)

Products: Mediawiki: Mediawiki · Fedoraproject: Fedora

1 product

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Mediawiki Mediawiki	Before 1.35.9
Mediawiki Mediawiki	From 1.36.0 to 1.38.5
Mediawiki Mediawiki	Version 1.39.0
Mediawiki Mediawiki	Version 1.39.0 rc0
Mediawiki Mediawiki	Version 1.39.0 rc1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 37

References (4)

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/

Source: cve@mitre.org

https://phabricator.wikimedia.org/T320987

Source: cve@mitre.org

Issue TrackingPatchVendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/

Source: af854a3a-2127-422b-91ae-364da2661108

https://phabricator.wikimedia.org/T320987

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchVendor Advisory

Timeline

No history available yet.