Robinhood70

#22155de 53,633
10.3CVSS total
Vulnerabilidades · 2
Baixa
1
Média
1
PT-2015-7700
3.5
2015-10-29
Wikimedia · Mediawiki · CVE-2015-8001
**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.23.11 MediaWiki versions 1.24.x prior to 1.24.4 MediaWiki versions 1.25.x prior to 1.25.3 **Description** The issue concerns the chunked upload API in MediaWiki, where the uploaded data is not restricted to the claimed file size. This allows remote authenticated users to cause a denial of service by uploading a chunk that exceeds the file size. **Recommendations** For versions prior to 1.23.11, update to version 1.23.11 or later. For versions 1.24.x prior to 1.24.4, update to version 1.24.4 or later. For versions 1.25.x prior to 1.25.3, update to version 1.25.3 or later.
PT-2015-7701
6.8
2015-10-29
Wikimedia · Mediawiki · CVE-2015-8002
**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.23.11 MediaWiki versions 1.24.x prior to 1.24.4 MediaWiki versions 1.25.x prior to 1.25.3 **Description** The issue allows remote authenticated users to cause a denial of service, specifically disk consumption, by uploading files in one byte chunks using the chunked upload API (ApiUpload). **Recommendations** For MediaWiki versions prior to 1.23.11, update to version 1.23.11 or later. For MediaWiki versions 1.24.x prior to 1.24.4, update to version 1.24.4 or later. For MediaWiki versions 1.25.x prior to 1.25.3, update to version 1.25.3 or later.