CVE-2018-10101

Опубликовано: 16 апр. 2018

Источник: debian

EPSS Низкий

Описание

Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

Пакет	Статус	Версия исправления	Релиз	Тип
wordpress	fixed	4.9.5+dfsg1-1		package
wordpress	fixed	4.7.5+dfsg-2+deb9u3	stretch	package
wordpress	not-affected		jessie	package
wordpress	not-affected		wheezy	package

https://core.trac.wordpress.org/changeset/42894
https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
Introduced via https://github.com/WordPress/WordPress/commit/c73a812109e1a64ecf21b6a198f949c58d1f2674 (4.5)

EPSS

Процентиль: 91%

0.06979

Низкий

CVE-2018-10101

CVSS3: 6.1

ubuntu

больше 7 лет назад

Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

CVE-2018-10101

CVSS3: 6.1

nvd

больше 7 лет назад

Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

GHSA-ccmp-622j-3xf7

CVSS3: 6.1

github

около 3 лет назад

Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

EPSS

Процентиль: 91%

0.06979

Низкий