Loop with unreachable exit condition ('infinite loop') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue was remediated only on the `master` branch.
| Vendor | Product | Versions |
|---|---|---|
| wikimedia foundation | growthexperiments extension | 1.45, 1.44, 1.43, 0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| open source | mediawiki | cert_advisory | 90% |
Updated description with more technical detail, changed severity to HIGH, and noted that there is no exploit available.
Initial creation
