Vulnerability: Inadequate RSA Key Length Validation in MediaWiki OAuth Extension

Vulnerability: Inadequate RSA Key Length Validation in MediaWiki OAuth Extension

CVE-2021-31556 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.