oss-sec mailing list archives
Re: CVE Request: WordPress: New 4.4.2 security and maintenance release: SSRF and open redirect vulnerability
From: cve-assign () mitre org
Date: Thu, 4 Feb 2016 16:16:31 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/ https://core.trac.wordpress.org/changeset/36444 an open redirection attack
Use CVE-2016-2221.
https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/ https://core.trac.wordpress.org/changeset/36435 a possible SSRF for certain local URIs
Use CVE-2016-2222. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWs761AAoJEL54rhJi8gl5+a8P/2r4EIHLn4GLBvy0o8J0Q9LF tz7lvj9j2naZt0eArwCW2wj0hBaNJWfxfN8Hww/RX6AVKsp6YlUw0PfQKH3smDiF oG1wyYLvhbn2FmISpuvLfNdki+i9DSv3ZuYi5x2eS39ZeC4WzDZYSEmTRfJF1rP9 D5kcN4nxFZsroswPQCDy/GVHCs8+ONUAUFflLPcgiQtWbuB2BBnfBuBy2MFKwiaw 405spJhDn6ol5F8Y0BQLbZUIlbFMhJxuuiZae2CviNgO1gTEvAJqBCT6g9HaUaW+ R/XQsGBX2TZC+RZBvhNdBvMdv7iv/imahfObfaGgadmdgRCwq4vegDqqk8pIfNS1 B4O0Oh2ClL2mg8zAVVPm4z+StG3OjA5IRixBeJje27iPFp2qFNO0DANr42xkANJd WReaqq++uwKwEI4Gkp9o0uJTMhFzPcotu8p4fxBikqp0M6KnaM5O667G2l+oz6E7 kHejuDazRW90RMEtmSlejyNcJLeNXoWMjugGYsJtD89izHODCAgZtIZl0BGfOsbk MiEFSaGWqIBPkv2FRx6bowLoEkFnIXaurCXT+x2+3GPpcITFXNDQa0gb/hQHSwQ7 iufOeraxVFl/bMZmeioZXrhgynWA0kPxWSl5Hd5Yb2P+GpqkC92CTiqo6aKWXZnC Hsh1G31WLW/lrVfH1yFc =18yk -----END PGP SIGNATURE-----
Current thread:
- CVE Request: WordPress: New 4.4.2 security and maintenance release: SSRF and open redirect vulnerability Salvatore Bonaccorso (Feb 04)
- Re: CVE Request: WordPress: New 4.4.2 security and maintenance release: SSRF and open redirect vulnerability cve-assign (Feb 04)