This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-29 10:45:39 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
64691c49-4b22-11e0-a226-00e0815b8da8 | mailman -- XSS vulnerability CVE reports:
Discovery 2011-02-13 Entry 2011-03-10 mailman < 2.1.14_1 CVE-2011-0707 http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html |
b11ab01b-6e19-11e6-ab24-080027ef73ec | mailman -- CSRF protection enhancements Mark Sapiro reports:
Discovery 2016-08-19 Entry 2016-08-29 mailman < 2.1.23 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1668 https://mail.python.org/pipermail/mailman-announce/2016-August/000226.html CVE-2016-6893 |
739948e3-78bf-11e8-b23c-080027ac955c | mailman -- hardening against malicious listowners injecting evil HTML scripts Mark Sapiro reports:
Discovery 2018-03-09 Entry 2018-06-25 mailman < 2.1.27 mailman-with-htdig < 2.1.27 ja-mailman < 2.1.14.j7_5,1 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS#L8 https://www.mail-archive.com/mailman-users@python.org/ CVE-2018-0618 |
3d0eeef8-0cf9-11e8-99b0-d017c2987f9a | Mailman -- Cross-site scripting (XSS) vulnerability in the web UI Mark Sapiro reports:
Discovery 2018-01-20 Entry 2018-02-08 mailman < 2.1.26 mailman-with-htdig < 2.1.26 ja-mailman le 2.1.14.j7_3,1 https://www.mail-archive.com/mailman-users@python.org/msg70478.html CVE-2018-5950 |
b4f0ad36-94a5-11e8-9007-080027ac955c | mailman -- content spoofing with invalid list names in web UI Mark Sapiro reports:
Discovery 2018-07-09 Entry 2018-07-31 mailman < 2.1.28 mailman-with-htdig < 2.1.28 ja-mailman < 2.1.14.j7_6,1 https://bugs.launchpad.net/mailman/+bug/1780874 https://mail.python.org/pipermail/mailman-announce/2018-July/000241.html CVE-2018-13796 |
88760f4d-8ef7-11ea-a66d-4b2ef158be83 | mailman -- arbitrary content injection vulnerability via options or private archive login pages Mark Sapiro reports:
Discovery 2020-04-20 Entry 2020-05-07 mailman < 2.1.30_4 ge 2.1.31 lt 2.1.33 mailman-with-htdig < 2.1.30_4 ge 2.1.31 lt 2.1.33 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1845/NEWS#L8 https://bugs.launchpad.net/mailman/+bug/1873722 https://bugs.launchpad.net/mailman/+bug/1877379 https://mail.python.org/archives/list/mailman-developers@python.org/thread/SYBIZ3MNSQZLKN6PVKO7ZKR7QMOBMS45/ CVE-2018-13796 |
f47f2746-12c5-11dd-bab7-0016179b2dd5 | mailman -- script insertion vulnerability Secunia reports:
Discovery 2008-02-05 Entry 2008-04-25 ja-mailman mailman mailman-with-htdig < 2.1.10 CVE-2008-0564 27630 http://www.ubuntu.com/usn/usn-586-1 http://secunia.com/advisories/28794 http://sourceforge.net/project/shownotes.php?release_id=593924 |
9d7a2b54-4468-11ec-8532-0d24c37c72c8 | mailman -- 2.1.37 fixes XSS via user options, and moderator offline brute-force vuln against list admin password Mark Sapiro reports:
Discovery 2021-11-01 Entry 2021-11-13 mailman < 2.1.37 mailman-exim4 < 2.1.37 mailman-exim4-with-htdig < 2.1.37 mailman-postfix < 2.1.37 mailman-postfix-with-htdig < 2.1.37 mailman-with-htdig < 2.1.37 CVE-2021-43331 CVE-2021-43332 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1879/NEWS#L8 https://bugs.launchpad.net/mailman/+bug/1949401 https://bugs.launchpad.net/mailman/+bug/1949403 |
a5f160fa-deee-11e4-99f8-080027ef73ec | mailman -- path traversal vulnerability Mark Sapiro reports:
Discovery 2015-03-27 Entry 2015-04-09 Modified 2015-06-17 mailman < 2.1.20 mailman-with-htdig < 2.1.20 ja-mailman < 2.1.14.j7_2,1 https://mail.python.org/pipermail/mailman-announce/2015-March/000209.html https://bugs.launchpad.net/mailman/+bug/1437145 CVE-2015-2775 |
8d65aa3b-31ce-11ec-8c32-a14e8e520dc7 | mailman -- brute-force vuln on list admin password, and CSRF vuln in releases before 2.1.35 Mark Sapiro reports:
Discovery 2021-10-18 Entry 2021-10-20 mailman < 2.1.35 mailman-with-htdig < 2.1.35 CVE-2021-42096 CVE-2021-42097 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1873/NEWS#L8 https://bugs.launchpad.net/mailman/+bug/1947639 https://bugs.launchpad.net/mailman/+bug/1947640 |
4ab29e12-e787-11df-adfa-00e0815b8da8 | Mailman -- cross-site scripting in web interface Secunia reports:
Discovery 2010-09-14 Entry 2010-11-03 mailman < 2.1.14 43187 CVE-2010-3089 http://secunia.com/advisories/41265 |
0d6efbe3-52d9-11ec-9472-e3667ed6088e | mailman < 2.1.38 -- CSRF vulnerability of list mod or member against list admin page Mark Sapiro reports:
Discovery 2021-11-25 Entry 2021-12-01 mailman < 2.1.38 mailman-exim4 < 2.1.38 mailman-exim4-with-htdig < 2.1.38 mailman-postfix < 2.1.38 mailman-postfix-with-htdig < 2.1.38 mailman-with-htdig < 2.1.38 CVE-2021-44227 https://bugs.launchpad.net/mailman/+bug/1952384 https://www.mail-archive.com/mailman-users@python.org/msg73979.html |
9e50dcc3-740b-11e6-94a2-080027ef73ec | mailman -- CSRF hardening in parts of the web interface The late Tokio Kikuchi reported:
Discovery 2011-05-02 Entry 2016-09-06 mailman < 2.1.15 https://bugs.launchpad.net/mailman/+bug/775294 https://launchpad.net/mailman/2.1/2.1.15 CVE-2016-7123 |