Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-61652
CVE-2025-61652:
Linux Debian vulnerability analysis and mitigation
Overview
CVE-2025-61652 is a security vulnerability in MediaWiki related to API user read permissions. The issue specifically involves the improper checking of user read permissions before displaying PageInfo information (Debian Security).
Technical details
The vulnerability affects the API functionality in MediaWiki, specifically concerning the permission checks before showing PageInfo. The issue is present in MediaWiki versions 1.43.3+dfsg-1 and potentially other versions. The vulnerability has been fixed in versions 1:1.35.13-1+deb11u4 for Debian bullseye and 1:1.39.13-1~deb12u1 for Debian bookworm (Debian Tracker).
Impact
The vulnerability could potentially allow unauthorized users to access PageInfo information through the API that they shouldn't have permission to view (Debian Security).
Mitigation and workarounds
Fixed versions are available for several distributions: Debian bullseye (1:1.35.13-1+deb11u4) and Debian bookworm (1:1.39.13-1~deb12u1). Users are advised to upgrade to these patched versions (Debian Tracker).
Additional resources
Source: This report was generated using AI
Related Linux Debian vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management