Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2020-35539HistoryOct 17, 2022 - 4:15 p.m.
CVE-2020-35539
2022-10-1716:15:00
Debian Security Bug Tracker
security-tracker.debian.org
11
wordpress
x-forwarded-for
http
ip address
A flaw was found in Wordpress 5.1. “X-Forwarded-For” is a HTTP header used to carry the client’s original IP address. However, because these headers may very well be added by the client to the requests, if the systems/devices use IP addresses which decelerate at X-Forwarded-For header instead of original IP, various issues may be faced. If the data originating from these fields is trusted by the application developers and processed, any authorization checks originating IP address logging could be manipulated.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | <= 6.0.3+dfsg1-1 | wordpress_6.0.3+dfsg1-1_all.deb |
| Debian | 11 | all | wordpress | <= 5.7.5+dfsg1-0+deb11u1 | wordpress_5.7.5+dfsg1-0+deb11u1_all.deb |
| Debian | 10 | all | wordpress | <= 5.0.15+dfsg1-0+deb10u1 | wordpress_5.0.15+dfsg1-0+deb10u1_all.deb |
| Debian | 999 | all | wordpress | <= 6.1+dfsg1-1 | wordpress_6.1+dfsg1-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2022-10-17 16:15:00
nvd
nvd
CVE-2020-35539
2022-10-17 16:15:15
ubuntucve
ubuntucve
CVE-2020-35539
2022-10-17 00:00:00
redhatcve
redhatcve
CVE-2020-35539
2022-12-05 07:31:16
cvelist
cvelist
CVE-2020-35539
1976-01-01 00:00:00
cve
cve
CVE-2020-35539
2022-10-17 16:15:15
Related for DEBIANCVE:CVE-2020-35539