Skip to main content
CVE-2020-15005 LOW PATCH Monitor

In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass PHP Mediawiki Fedora Debian Linux
NVD
CVSS 3.1
3.1
EPSS
1.3%
CVE-2020-4071 LOW PATCH Monitor

In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Python Information Disclosure Django Basic Auth Ip Whitelist
NVD GitHub
CVSS 3.1
2.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy