CVE-2019-18987

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-18987
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18987.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-18987
Published
2019-11-15T06:15:10.333Z
Modified
2026-03-13T14:34:51.654770Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.

References

Affected packages

Git / github.com/wikimedia/mediawiki-extensions-abusefilter

Affected ranges

Type
GIT
Repo
https://github.com/wikimedia/mediawiki-extensions-abusefilter
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3c2035dd9e2a0dc1398403fe092bcc3a90f5fec6
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.34"
        }
    ]
}

Affected versions

Other
REL1_19
REL1_20
REL1_21
REL1_22
REL1_29
REL1_34

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18987.json"