Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7827bf74 by Salvatore Bonaccorso at 2026-07-03T04:46:17+02:00
Order suites top-down in CVE-2019-8943

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -660912,10 +660912,10 @@ CVE-2019-8945 (Zimbra Collaboration 8.7.x - 
8.8.11P2 contains persistent XSS.)
 CVE-2019-8944 (An Information Exposure issue in the Terraform deployment step 
in Octo ...)
        NOT-FOR-US: Terraform
 CVE-2019-8943 (WordPress through 5.0.3 allows Path Traversal in 
wp_crop_image(). An a ...)
+       [bookworm] - wordpress <postponed> (requires privileged account, not 
directly exploitable as CVE-2019-8942 is fixed, no official patch)
        - wordpress <undetermined> (bug #923583)
-       [jessie] - wordpress <postponed> (requires privileged account, not 
directly exploitable as CVE-2019-8942 is fixed, no official patch)
        [bullseye] - wordpress <postponed> (requires privileged account, not 
directly exploitable as CVE-2019-8942 is fixed, no official patch)
-       [bookworm] - wordpress <postponed> (requires privileged account, not 
directly exploitable as CVE-2019-8942 is fixed, no official patch)
+       [jessie] - wordpress <postponed> (requires privileged account, not 
directly exploitable as CVE-2019-8942 is fixed, no official patch)
        NOTE: 
https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
        NOTE: This CVE is explicitly for the mentioned Path Traversal in 
wp_crop_image().
        NOTE: Patching CVE-2019-8942 makes CVE-2019-8943 (RCE) not directly 
exploitable



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7827bf746202d267f618e1fd7c2a5afb50bb4351

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7827bf746202d267f618e1fd7c2a5afb50bb4351
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to