[Secure-testing-commits] r56076 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 23 21:15:47 UTC 2017
Author: carnil
Date: 2017-09-23 21:15:47 +0000 (Sat, 23 Sep 2017)
New Revision: 56076
Modified:
data/CVE/list
Log:
Fill in details for wordpress issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-23 21:12:41 UTC (rev 56075)
+++ data/CVE/list 2017-09-23 21:15:47 UTC (rev 56076)
@@ -1,21 +1,35 @@
CVE-2017-14726 (Before version 4.8.2, WordPress was vulnerable to a cross-site ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41395
CVE-2017-14725 (Before version 4.8.2, WordPress was susceptible to an open redirect ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41398
CVE-2017-14724 (Before version 4.8.2, WordPress was vulnerable to cross-site scripting ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41448
CVE-2017-14723 (Before version 4.8.2, WordPress mishandled % characters and additional ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41470
+ NOTE: https://core.trac.wordpress.org/changeset/41496
+ NOTE: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
+ NOTE: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
+ NOTE: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
+ NOTE: https://medium.com/websec/wordpress-sqli-poc-f1827c20bf8e
CVE-2017-14722 (Before version 4.8.2, WordPress allowed a Directory Traversal attack in ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41397
CVE-2017-14721 (Before version 4.8.2, WordPress allowed Cross-Site scripting in the ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41412
CVE-2017-14720 (Before version 4.8.2, WordPress allowed a Cross-Site scripting attack ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41412
CVE-2017-14719 (Before version 4.8.2, WordPress was vulnerable to a directory traversal ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41457
CVE-2017-14718 (Before version 4.8.2, WordPress was susceptible to a Cross-Site ...)
- wordpress 4.8.2+dfsg-1 (bug #876274)
+ NOTE: https://core.trac.wordpress.org/changeset/41393
CVE-2017-14727 (logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash ...)
- weechat <unfixed> (bug #876553)
NOTE: Fixed by: https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556
More information about the Secure-testing-commits
mailing list