Security bugs
 | This page is outdated. |
| Bug | CVE | Details | Introduced | Fixed | Affected versions |
|---|---|---|---|---|---|
| bug 40995 | CVE-2012-5391 | Session fixation in Special:UserLogin | ? | 1.20.1, 1.21 | All previous versions (?) |
| bug 43518 | CVE-2013-1817 | A sysop can obtain the password hashes and private email addressof other users. | r83855 (0a8a3b45) | 1.19.3, 1.20.3, 1.21 | 1.18, 1.19, 1.20.0, 1.20.1, 1.20.2 |
| bug 45355 | CVE-2013-1818 | Read of arbitrary files under certain circumstances. | git #ab59fadb | 1.20.3 / 1.21 | 1.20.0, 1.20.1, 1.20.2 |
| task T248947 | CVE-2020-15005 | img_auth.php may leak private extension images into the public cache. | git #0eb52399 | 1.31.8 / 1.33.4 / 1.34.2 | 1.23+ |