ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0338
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0338)
Resumen:	The remote host is missing an update for the 'mediawiki' package(s) announced via the MGASA-2022-0338 advisory.
Descripción:	Summary: The remote host is missing an update for the 'mediawiki' package(s) announced via the MGASA-2022-0338 advisory. Vulnerability Insight: Username is not escaped in the 'welcomeuser' message (T308471). Bundled guzzlehttp/guzzle has been updated to 6.5.8, fixing several issues (CVE-2022-29248, CVE-2022-31042, CVE-2022-31043, CVE-2022-31090, CVE-2022-31091). Affected Software/OS: 'mediawiki' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-29248 https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3 Debian Security Information: DSA-5246 (Google Search) https://www.debian.org/security/2022/dsa-5246 https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab https://github.com/guzzle/guzzle/pull/3018 Common Vulnerability Exposure (CVE) ID: CVE-2022-31042 https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9 https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8 https://www.rfc-editor.org/rfc/rfc9110.html#name-redirection-3xx Common Vulnerability Exposure (CVE) ID: CVE-2022-31043 https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q Common Vulnerability Exposure (CVE) ID: CVE-2022-31090 https://github.com/guzzle/guzzle/security/advisories/GHSA-25mq-v84q-4j7r https://security.gentoo.org/glsa/202305-24 https://github.com/guzzle/guzzle/commit/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82 Common Vulnerability Exposure (CVE) ID: CVE-2022-31091 https://github.com/guzzle/guzzle/security/advisories/GHSA-q559-8m2m-g699
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.