Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-17670

Опубликовано: 17 окт. 2019
Источник: debian
EPSS Низкий

Описание

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wordpressfixed5.2.4+dfsg1-1package

Примечания

  • https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html

  • https://core.trac.wordpress.org/changeset/46472

  • https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2

  • https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/

EPSS

Процентиль: 89%
0.04761
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-17670

CVSS3: 9.8
ubuntu
больше 5 лет назад

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.

nvd логотип

CVE-2019-17670

CVSS3: 9.8
nvd
больше 5 лет назад

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.

github логотип

GHSA-9vwr-ww7h-qvv8

CVSS3: 9.8
github
около 3 лет назад

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.

EPSS

Процентиль: 89%
0.04761
Низкий