[Secure-testing-commits] r56076 - data/CVE

Salvatore Bonaccorso Sat, 23 Sep 2017 14:16:08 -0700

Author: carnil
Date: 2017-09-23 21:15:47 +0000 (Sat, 23 Sep 2017)
New Revision: 56076


Modified:
   data/CVE/list
Log:
Fill in details for wordpress issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-23 21:12:41 UTC (rev 56075)
+++ data/CVE/list       2017-09-23 21:15:47 UTC (rev 56076)
@@ -1,21 +1,35 @@
 CVE-2017-14726 (Before version 4.8.2, WordPress was vulnerable to a cross-site 
...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41395
 CVE-2017-14725 (Before version 4.8.2, WordPress was susceptible to an open 
redirect ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41398
 CVE-2017-14724 (Before version 4.8.2, WordPress was vulnerable to cross-site 
scripting ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41448
 CVE-2017-14723 (Before version 4.8.2, WordPress mishandled % characters and 
additional ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41470
+       NOTE: https://core.trac.wordpress.org/changeset/41496
+       NOTE: 
https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
+       NOTE: 
https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
+       NOTE: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
+       NOTE: https://medium.com/websec/wordpress-sqli-poc-f1827c20bf8e
 CVE-2017-14722 (Before version 4.8.2, WordPress allowed a Directory Traversal 
attack in ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41397
 CVE-2017-14721 (Before version 4.8.2, WordPress allowed Cross-Site scripting 
in the ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41412
 CVE-2017-14720 (Before version 4.8.2, WordPress allowed a Cross-Site scripting 
attack ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41412
 CVE-2017-14719 (Before version 4.8.2, WordPress was vulnerable to a directory 
traversal ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41457
 CVE-2017-14718 (Before version 4.8.2, WordPress was susceptible to a 
Cross-Site ...)
        - wordpress 4.8.2+dfsg-1 (bug #876274)
+       NOTE: https://core.trac.wordpress.org/changeset/41393
 CVE-2017-14727 (logger.c in the logger plugin in WeeChat before 1.9.1 allows a 
crash ...)
        - weechat <unfixed> (bug #876553)
        NOTE: Fixed by: 
https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56076 - data/CVE

Reply via email to