This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
f9ada0b5-3d80-11ed-9330-080027f5fec9 | squid -- Exposure of sensitive information in cache manager Mikhail Evdokimov (aka konata) reports:
Discovery 2022-04-17 Entry 2022-09-26 squid < 5.7 CVE-2022-41317 https://github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq |
4e210d72-1c5c-11da-92ce-0048543d60ce | squid -- Denial Of Service Vulnerability in sslConnectTimeout The squid patches page notes:
Discovery 2005-07-21 Entry 2005-09-04 Modified 2005-10-02 squid < 2.5.10_5 14731 CVE-2005-2796 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout http://www.squid-cache.org/bugs/show_bug.cgi?id=1355 http://secunia.com/advisories/16674/ |
e05bfc92-0763-11e6-94fa-002590263bf5 | squid -- multiple vulnerabilities Squid security advisory 2016:5 reports:
Squid security advisory 2016:6 reports:
Discovery 2016-04-20 Entry 2016-04-21 squid < 3.5.17 CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 ports/208939 http://www.squid-cache.org/Advisories/SQUID-2016_5.txt http://www.squid-cache.org/Advisories/SQUID-2016_6.txt |
8dbf7894-a9a8-11d9-a788-0001020eed82 | squid -- DoS on failed PUT/POST requests vulnerability The squid patches page notes:
Discovery 2005-02-03 Entry 2005-04-10 squid le 2.5.7_12 CVE-2005-0718 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-post http://www.squid-cache.org/bugs/show_bug.cgi?id=1224 |
b4d94fa0-6e38-11d9-9e1e-c296ac722cb3 | squid -- possible cache-poisoning via malformed HTTP responses The squid patches page notes:
To enable these strict parsing rules, update to at least
squid-2.5.7_9 and specify Discovery 2005-01-24 Entry 2005-01-24 Modified 2006-01-02 squid < 2.5.7_9 CVE-2005-0174 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing 768702 |
1c3142a3-4ab2-11da-932d-00055d790c25 | squid -- FTP server response handling denial of service A Secunia Advisory reports:
Discovery 2005-10-19 Entry 2005-11-01 squid < 2.5.11_3 CVE-2005-3258 http://secunia.com/advisories/17271/ |
297117ba-f92d-11e5-92ce-002590263bf5 | squid -- multiple vulnerabilities Squid security advisory 2016:3 reports:
Squid security advisory 2016:4 reports:
Discovery 2016-03-28 Entry 2016-04-02 squid < 3.5.16 CVE-2016-3947 CVE-2016-3948 ports/208463 http://www.squid-cache.org/Advisories/SQUID-2016_3.txt http://www.squid-cache.org/Advisories/SQUID-2016_4.txt |
c37de843-488e-11e2-a5c9-0019996bc1f7 | squid -- denial of service Squid developers report:
Discovery 2012-12-17 Entry 2012-12-28 Modified 2013-05-02 squid < 2.7.9_4 ge 3.1 lt 3.1.23 ge 3.2 lt 3.2.6 ge 3.3 lt 3.3.0.3 CVE-2012-5643 CVE-2013-0189 http://www.squid-cache.org/Advisories/SQUID-2012_1.txt |
7e97b288-c7ca-11d9-9e1e-c296ac722cb3 | squid -- DNS lookup spoofing vulnerability The squid patches page notes:
Discovery 2005-05-11 Entry 2005-05-19 squid < 2.5.10 CVE-2005-1519 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_reply http://secunia.com/advisories/15294 |
a8fb8e3a-730d-11ee-ab61-b42e991fc52e | squid -- Multiple vulnerabilities The squid-cache project reports:
Discovery 2023-10-21 Entry 2023-10-25 squid < 6.4 https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh https://github.com/squid-cache/squid/security/advisories/GHSA-phqj-m8gv-cq4g |
150d1538-23fa-11e5-a4a5-002590263bf5 | squid -- Improper Protection of Alternate Path with CONNECT requests Squid security advisory 2015:2 reports:
Discovery 2015-07-06 Entry 2015-07-06 Modified 2015-07-17 squid < 3.5.6 http://www.squid-cache.org/Advisories/SQUID-2015_2.txt CVE-2015-5400 |
660ebbf5-daeb-11e5-b2bd-002590263bf5 | squid -- remote DoS in HTTP response processing Squid security advisory 2016:2 reports:
Discovery 2016-02-24 Entry 2016-02-24 Modified 2016-02-28 squid < 3.5.15 CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 ports/207454 http://www.squid-cache.org/Advisories/SQUID-2016_2.txt http://www.openwall.com/lists/oss-security/2016/02/24/12 |
44e7764c-2614-11da-9e1e-c296ac722cb3 | squid -- possible denial of service condition regarding NTLM authentication The squid patches page notes:
Discovery 2005-09-12 Entry 2005-09-15 Modified 2005-10-02 squid < 2.5.10_6 14977 CVE-2005-2917 http://www.squid-cache.org/bugs/show_bug.cgi?id=1391 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-NTLM-scheme_assert http://secunia.com/advisories/16992/ |
620685d6-0aa3-11ea-9673-4c72b94353b5 | squid -- Vulnerable to HTTP Digest Authentication Squid Team reports:
Discovery 2019-11-05 Entry 2019-11-19 squid < 4.9 http://www.squid-cache.org/Advisories/SQUID-2019_11.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18679 CVE-2019-18679 |
6eb580d7-a29c-11dc-8919-001c2514716c | Squid -- Denial of Service Vulnerability Squid secuirty advisory reports:
Discovery 2007-11-28 Entry 2007-12-04 Modified 2007-12-07 squid ge 2.0 lt 2.6.16_1 ge 3.* lt 3.0.r1.20071001_1 26687 CVE-2007-6239 |
d3324c55-3f11-11e4-ad16-001999f8d30b | squid -- Buffer overflow in SNMP processing The squid-cache project reports:
Discovery 2014-09-15 Entry 2014-09-18 squid < 3.4.8 squid32 gt 0 squid33 < 3.3.13_2 http://www.squid-cache.org/Advisories/SQUID-2014_3.txt CVE-2014-6270 |
0c0dc409-1c5e-11da-92ce-0048543d60ce | squid -- Possible Denial Of Service Vulnerability in store.c The squid patches page notes:
Discovery 2005-08-02 Entry 2005-09-04 Modified 2005-10-02 squid < 2.5.10_5 14761 CVE-2005-2794 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING http://www.squid-cache.org/bugs/show_bug.cgi?id=1368 http://secunia.com/advisories/16708/ |
5bf1a715-cc57-440f-b0a5-6406961c54a7 | squid -- denial-of-service vulnerabilities The Squid team reported several denial-of-service vulnerabilities related to the handling of DNS responses and NT Lan Manager messages. These may allow an attacker to crash the Squid cache. Discovery 2005-01-16 Entry 2005-06-03 squid < 2.5.9 CVE-2005-0446 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert CVE-2005-0096 CVE-2005-0097 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth |
bfda39de-7467-11d9-9e1e-c296ac722cb3 | squid -- correct handling of oversized HTTP reply headers The squid patches page notes:
It is believed that this bug may lead to cache pollution or allow access controls to be bypassed. Discovery 2005-01-31 Entry 2005-02-08 squid < 2.5.7_12 CVE-2005-0241 http://www.squid-cache.org/bugs/show_bug.cgi?id=1216 http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch ports/76967 823350 |
57c1c2ee-7914-11ea-90bf-0800276545c1 | Squid -- multiple vulnerabilities The Squid developers reports:
Discovery 2020-02-10 Entry 2020-04-07 squid < 4.10 http://lists.squid-cache.org/pipermail/squid-announce/2020-February/000107.html https://nvd.nist.gov/vuln/detail/CVE-2020-8449 https://nvd.nist.gov/vuln/detail/CVE-2020-8450 https://nvd.nist.gov/vuln/detail/CVE-2019-12528 https://nvd.nist.gov/vuln/detail/CVE-2020-8517 CVE-2020-8449 CVE-2020-8450 CVE-2019-12528 CVE-2020-8517 ports/244026 |
23fb5a04-722b-11d9-9e1e-c296ac722cb3 | squid -- buffer overflow in WCCP recvfrom() call According to the Squid Proxy Cache Security Update Advisory SQUID-2005:3,
Note that while the default configuration of the FreeBSD squid port enables WCCP support in general, the default configuration supplied does not actually configure squid to send and receive WCCP messages. Discovery 2005-01-28 Entry 2005-01-28 Modified 2005-02-13 squid < 2.5.7_10 CVE-2005-0211 886006 http://www.squid-cache.org/Advisories/SQUID-2005_3.txt http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow http://www.squid-cache.org/bugs/show_bug.cgi?id=1217 |
d5b6d151-1887-11e8-94f7-9c5c8e75236a | squid -- Vulnerable to Denial of Service attack Louis Dion-Marcil reports:
Discovery 2017-12-13 Entry 2018-02-23 squid < 3.5.27_3 squid-devel < 4.0.23 http://www.squid-cache.org/Advisories/SQUID-2018_1.txt http://www.squid-cache.org/Advisories/SQUID-2018_2.txt CVE-2018-1000024 CVE-2018-1000027 https://www.debian.org/security/2018/dsa-4122 ports/226138 |
a395397c-c7c8-11d9-9e1e-c296ac722cb3 | squid -- possible abuse of cachemgr.cgi The squid patches page notes:
Discovery 1999-07-29 Entry 2005-05-19 squid < 2.5.10 CVE-1999-0710 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-cachemgr_conf http://www.squid-cache.org/bugs/show_bug.cgi?id=1094 |