CVE-2022-28201

MEDIUM Year: 2022
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-674
View all →

Vulnerability Description

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message.

Related Vulnerabilities

CVE-2018-16426

MEDIUM
CVSS:4.3(Medium)

Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards...

CWE-6742018

CVE-2024-2965

MEDIUM
CVSS:4.2(Medium)

A Denial-of-Service (DoS) vulnerability exists in the `SitemapLoader` class of the `langchain-ai/langchain` repository, affecting all versions. The `parse_sitemap` method, responsible for parsing site...

CWE-6742024

CVE-2024-54731

MEDIUM
CVSS:4.0(Medium)

cpdf through 2.8 allows stack consumption via a crafted PDF document.

CWE-6742024

CVE-2018-4002

MEDIUM
CVSS:5.3(Medium)

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label c...

CWE-6742018

CVE-2022-23889

MEDIUM
CVSS:5.3(Medium)

The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually large number of comments.

CWE-6742022

CVE-2022-3222

MEDIUM
CVSS:5.3(Medium)

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.

CWE-6742022