Author: carnil Date: 2017-09-23 21:12:41 +0000 (Sat, 23 Sep 2017) New Revision: 56075
Modified: data/CVE/list Log: CVEs assigned for wordpress issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-09-23 21:10:14 UTC (rev 56074) +++ data/CVE/list 2017-09-23 21:12:41 UTC (rev 56075) @@ -1,21 +1,21 @@ CVE-2017-14726 (Before version 4.8.2, WordPress was vulnerable to a cross-site ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14725 (Before version 4.8.2, WordPress was susceptible to an open redirect ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14724 (Before version 4.8.2, WordPress was vulnerable to cross-site scripting ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14723 (Before version 4.8.2, WordPress mishandled % characters and additional ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14722 (Before version 4.8.2, WordPress allowed a Directory Traversal attack in ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14721 (Before version 4.8.2, WordPress allowed Cross-Site scripting in the ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14720 (Before version 4.8.2, WordPress allowed a Cross-Site scripting attack ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14719 (Before version 4.8.2, WordPress was vulnerable to a directory traversal ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14718 (Before version 4.8.2, WordPress was susceptible to a Cross-Site ...) - TODO: check + - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14727 (logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash ...) - weechat <unfixed> (bug #876553) NOTE: Fixed by: https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556 @@ -51,24 +51,6 @@ RESERVED CVE-2017-14702 RESERVED -CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the link modal] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in template names] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [Path traversal vulnerability in the customizer] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [Open redirect in the user and term edit screens] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the plugin editor] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [Path traversal vulnerability in the file unzipping code] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the visual editor] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the oEmbed discovery] - - wordpress 4.8.2+dfsg-1 (bug #876274) -CVE-2017-XXXX [$wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi)] - - wordpress 4.8.2+dfsg-1 (bug #876274) CVE-2017-14701 RESERVED CVE-2017-14700 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits