Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2018-25246

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 1 week, 6 days ago

Wikipedia 12.0 Denial of Service via Search

Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash.

References

ExploitDB-45324 exploit
Product Reference product

Affected products

Wikipedia

==12.0

Matching in nixpkgs

pkgs.python312Packages.wikipedia

Pythonic wrapper for the Wikipedia API

nixos-25.11 1.4.0
- nixos-25.11-small 1.4.0
- nixpkgs-25.11-darwin 1.4.0

pkgs.python313Packages.wikipedia

Pythonic wrapper for the Wikipedia API

nixos-unstable 1.4.0
- nixpkgs-unstable 1.4.0
- nixos-unstable-small 1.4.0
nixos-25.11 1.4.0
- nixos-25.11-small 1.4.0
- nixpkgs-25.11-darwin 1.4.0

pkgs.python314Packages.wikipedia

Pythonic wrapper for the Wikipedia API

nixos-unstable 1.4.0
- nixpkgs-unstable 1.4.0
- nixos-unstable-small 1.4.0

pkgs.python312Packages.wikipedia-api

Python wrapper for Wikipedia

nixos-25.11 0.8.1
- nixos-25.11-small 0.8.1
- nixpkgs-25.11-darwin 0.8.1

pkgs.python312Packages.wikipedia2vec

Tool for learning vector representations of words and entities from Wikipedia

nixos-25.11 wikipedia2vec-2.0.0
- nixos-25.11-small wikipedia2vec-2.0.0
- nixpkgs-25.11-darwin wikipedia2vec-2.0.0

pkgs.python313Packages.wikipedia-api

Python wrapper for Wikipedia

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.8.1
- nixos-25.11-small 0.8.1
- nixpkgs-25.11-darwin 0.8.1

pkgs.python313Packages.wikipedia2vec

Tool for learning vector representations of words and entities from Wikipedia

nixos-unstable wikipedia2vec-2.0.0
- nixpkgs-unstable wikipedia2vec-2.0.0
- nixos-unstable-small wikipedia2vec-2.0.0
nixos-25.11 wikipedia2vec-2.0.0
- nixos-25.11-small wikipedia2vec-2.0.0
- nixpkgs-25.11-darwin wikipedia2vec-2.0.0

pkgs.python314Packages.wikipedia-api

Python wrapper for Wikipedia

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0

pkgs.python314Packages.wikipedia2vec

Tool for learning vector representations of words and entities from Wikipedia

nixos-unstable wikipedia2vec-2.0.0
- nixpkgs-unstable wikipedia2vec-2.0.0
- nixos-unstable-small wikipedia2vec-2.0.0

Package maintainers

@natsukium Tomoya Otabi <nixpkgs@natsukium.com>
@mbalatsko Maksym Balatsko <mbalatsko@gmail.com>
@DerDennisOP Dennis <dennish@wuitz.de>