Description
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.
References (5)
Scores
CVSS v3
9.8
EPSS
0.0066
EPSS Percentile
71.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-1284
Status
published
Products (4)
fedoraproject/fedora
33
fedoraproject/fedora
34
fedoraproject/fedora
35
mediawiki/mediawiki
< 1.35.2
Published
Aug 12, 2021
Tracked Since
Feb 18, 2026