[Secure-testing-commits] r56075 - data/CVE

Sat, 23 Sep 2017 14:13:25 -0700 

Author: carnil
Date: 2017-09-23 21:12:41 +0000 (Sat, 23 Sep 2017)
New Revision: 56075

Modified:
   data/CVE/list
Log:
CVEs assigned for wordpress issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-23 21:10:14 UTC (rev 56074)
+++ data/CVE/list       2017-09-23 21:12:41 UTC (rev 56075)
@@ -1,21 +1,21 @@
 CVE-2017-14726 (Before version 4.8.2, WordPress was vulnerable to a cross-site 
...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14725 (Before version 4.8.2, WordPress was susceptible to an open 
redirect ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14724 (Before version 4.8.2, WordPress was vulnerable to cross-site 
scripting ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14723 (Before version 4.8.2, WordPress mishandled % characters and 
additional ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14722 (Before version 4.8.2, WordPress allowed a Directory Traversal 
attack in ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14721 (Before version 4.8.2, WordPress allowed Cross-Site scripting 
in the ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14720 (Before version 4.8.2, WordPress allowed a Cross-Site scripting 
attack ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14719 (Before version 4.8.2, WordPress was vulnerable to a directory 
traversal ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14718 (Before version 4.8.2, WordPress was susceptible to a 
Cross-Site ...)
-       TODO: check
+       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14727 (logger.c in the logger plugin in WeeChat before 1.9.1 allows a 
crash ...)
        - weechat <unfixed> (bug #876553)
        NOTE: Fixed by: 
https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556
@@ -51,24 +51,6 @@
        RESERVED
 CVE-2017-14702
        RESERVED
-CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the link modal]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in template names]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [Path traversal vulnerability in the customizer]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [Open redirect in the user and term edit screens]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the plugin editor]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [Path traversal vulnerability in the file unzipping code]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the visual editor]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the oEmbed 
discovery]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
-CVE-2017-XXXX [$wpdb->prepare() can create unexpected and unsafe queries 
leading to potential SQL injection (SQLi)]
-       - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-14701
        RESERVED
 CVE-2017-14700


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to