Unrated severityNVD Advisory· Published Nov 9, 2015· Updated Jun 17, 2026
CVE-2015-8002
CVE-2015-8002
Description
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a file upload using one byte chunks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10>=1.23.0,<1.23.11 || >=1.24.0,<1.24.4 || >=1.25.0,<1.25.3+ 9 more
- (no CPE)range: >=1.23.0,<1.23.11 || >=1.24.0,<1.24.4 || >=1.25.0,<1.25.3
- cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*range: <=1.23.10
- cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*
- (no CPE)range: <1.23.11 || (>=1.24.0 <1.24.4) || (>=1.25.0 <1.25.3)
Patches
Vulnerability mechanics
References
3- lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.htmlnvdPatchVendor Advisory
- phabricator.wikimedia.org/T91205nvdVendor Advisory
- www.securitytracker.com/id/1034028nvd
News mentions
0No linked articles in our index yet.