Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-4090-1:ADD20
HistoryJan 17, 2018 - 1:40 p.m.

[SECURITY] [DSA 4090-1] wordpress security update

2018-01-1713:40:59
lists.debian.org
8

0.011 Low

EPSS

Percentile

84.4%

JSON

Debian Security Advisory DSA-4090-1 [email protected]
https://www.debian.org/security/ Sebastien Delafond
January 17, 2018 https://www.debian.org/security/faq

Package : wordpress
CVE ID : CVE-2017-9066 CVE-2017-16510 CVE-2017-17091 CVE-2017-17092
CVE-2017-17093 CVE-2017-17094
Debian Bug : 862816 883314 880528

Several vulnerabilities were discovered in Wordpress, a web blogging
tool. They allowed remote attackers to perform SQL injections and
various Cross-Side Scripting (XSS) and Server-Side Request Forgery
(SSRF) attacks, as well as bypass some access restrictions.

For the oldstable distribution (jessie), these problems have been fixed
in version 4.1+dfsg-1+deb8u16.

For the stable distribution (stretch), these problems have been fixed in
version 4.7.5+dfsg-2+deb9u2.

We recommend that you upgrade your wordpress packages.

For the detailed security status of wordpress please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wordpress

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7allwordpress< 3.6.1+dfsg-1~deb7u20wordpress_3.6.1+dfsg-1~deb7u20_all.deb
Debian7allwordpress< 3.6.1+dfsg-1~deb7u18wordpress_3.6.1+dfsg-1~deb7u18_all.deb
Debian8allwordpress-theme-twentyfifteen< 4.1+dfsg-1+deb8u16wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u16_all.deb
Debian9allwordpress-l10n< 4.7.5+dfsg-2+deb9u2wordpress-l10n_4.7.5+dfsg-2+deb9u2_all.deb
Debian8allwordpress-theme-twentythirteen< 4.1+dfsg-1+deb8u16wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u16_all.deb
Debian9allwordpress-theme-twentyseventeen< 4.7.5+dfsg-2+deb9u2wordpress-theme-twentyseventeen_4.7.5+dfsg-2+deb9u2_all.deb
Debian7allwordpress< 3.6.1+dfsg-1~deb7u16wordpress_3.6.1+dfsg-1~deb7u16_all.deb
Debian7allwordpress-l10n< 3.6.1+dfsg-1~deb7u20wordpress-l10n_3.6.1+dfsg-1~deb7u20_all.deb
Debian8allwordpress-l10n< 4.1+dfsg-1+deb8u16wordpress-l10n_4.1+dfsg-1+deb8u16_all.deb
Debian9allwordpress< 4.7.5+dfsg-2+deb9u2wordpress_4.7.5+dfsg-2+deb9u2_all.deb
Rows per page:
1-10 of 161

Related

debian 4
nessus 19
openvas 10
osv 10
veracode 5
cvelist 6
nvd 7
cve 7
patchstack 4
prion 6
ubuntucve 6
debiancve 6
wpvulndb 6
debian
debian
[SECURITY] [DSA 4090-1] wordpress security update
2018-01-17 13:40:59
[SECURITY] [DLA 1216-1] wordpress security update
2017-12-21 20:10:37
[SECURITY] [DLA 1075-1] wordpress security update
2017-08-29 18:08:41
nessus
nessus
Debian DSA-4090-1 : wordpress - security update
2018-01-18 00:00:00
WordPress < 4.9.1 Multiple Vulnerabilities
2017-12-04 00:00:00
Debian DLA-1216-1 : wordpress security update
2017-12-26 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4090-1)
2018-01-16 00:00:00
Debian: Security Advisory (DLA-1216-1)
2023-03-08 00:00:00
WordPress < 4.9.1 Multiple Vulnerabilities - Linux
2017-12-04 00:00:00
osv
osv
wordpress - security update
2018-01-17 00:00:00
wordpress - security update
2017-12-21 00:00:00
CVE-2017-17093
2017-12-02 06:29:00
veracode
veracode
Cross-site Scripting (XSS)
2017-12-04 04:12:03
SQL Injection
2017-11-03 01:23:13
Cross-site Scripting (XSS)
2017-12-04 04:24:03
cvelist
cvelist
CVE-2017-17093
2017-12-02 06:00:00
CVE-2017-17092
2017-12-02 06:00:00
CVE-2017-17094
2017-12-02 06:00:00
nvd
nvd
CVE-2017-17093
2017-12-02 06:29:00
CVE-2017-17094
2017-12-02 06:29:00
CVE-2017-17091
2017-12-02 06:29:00
cve
cve
CVE-2017-17093
2017-12-02 06:29:00
CVE-2017-17094
2017-12-02 06:29:00
CVE-2017-17091
2017-12-02 06:29:00
patchstack
patchstack
WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
2017-11-29 00:00:00
WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
2017-11-29 00:00:00
WordPress <=4.7.4 - Insufficient Redirect Validation vulnerability
2017-05-17 00:00:00
prion
prion
Design/Logic Flaw
2017-12-02 06:29:00
Cross site scripting
2017-12-02 06:29:00
Design/Logic Flaw
2017-12-02 06:29:00
ubuntucve
ubuntucve
CVE-2017-17093
2017-12-02 00:00:00
CVE-2017-17094
2017-12-02 00:00:00
CVE-2017-17091
2017-12-02 00:00:00
debiancve
debiancve
CVE-2017-17093
2017-12-02 06:29:00
CVE-2017-17091
2017-12-02 06:29:00
CVE-2017-17094
2017-12-02 06:29:00
wpvulndb
wpvulndb
WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
2017-11-29 00:00:00
WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
2017-11-29 00:00:00
WordPress <= 4.8.2 - $wpdb->prepare() Weakness
2017-10-31 00:00:00

0.011 Low

EPSS

Percentile

84.4%

JSON
Related for DEBIAN:DSA-4090-1:ADD20
debian4nessus19openvas10osv10veracode5cvelist6nvd7cve7patchstack4prion6ubuntucve6debiancve6wpvulndb6