FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  424764
Date:      2016-10-27
Time:      13:14:17Z
Committer: tijl

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a4d71e4c-7bf4-11e2-84cd-d43d7e0c7c02drupal7 -- Denial of service

Drupal Security Team reports:

Drupal core's Image module allows for the on-demand generation of image derivatives. This capability can be abused by requesting a large number of new derivatives which can fill up the server disk space, and which can cause a very high CPU load. Either of these effects may lead to the site becoming unavailable or unresponsive.

Discovery 2013-02-20
Entry 2013-02-21
lt 7.19

d9649816-5e0d-11e3-8d23-3c970e169bc2drupal -- multiple vulnerabilities

Drupal Security Team reports:

Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7.

  • Multiple vulnerabilities due to optimistic cross-site request forgery protection (Form API validation - Drupal 6 and 7)
  • Multiple vulnerabilities due to weakness in pseudorandom number generation using mt_rand() (Form API, OpenID and random password generation - Drupal 6 and 7)
  • Code execution prevention (Files directory .htaccess for Apache - Drupal 6 and 7)
  • Access bypass (Security token validation - Drupal 6 and 7)
  • Cross-site scripting (Image module - Drupal 7)
  • Cross-site scripting (Color module - Drupal 7)
  • Open redirect (Overlay module - Drupal 7)

Discovery 2013-11-20
Entry 2013-12-06
lt 6.29

lt 7.24
1827f213-633e-11e2-8d93-c8600054b392drupal -- multiple vulnerabilities

Drupal Security Team reports:

Cross-site scripting (Various core and contributed modules)

Access bypass (Book module printer friendly version)

Access bypass (Image module)

Discovery 2013-01-16
Entry 2013-01-20
lt 6.28

lt 7.19