FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-10-07 06:25:02 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
00e912c5-9e92-11f0-bc5f-8447094a420fOpenSSL -- multiple vulnerabilities

The OpenSSL project reports reports:

Out-of-bounds read & write in RFC 3211 KEK Unwrap

Timing side-channel in SM2 algorithm on 64-bit ARM

Fix Out-of-bounds read in HTTP client no_proxy handling


Discovery 2025-09-30
Entry 2025-10-01
Modified 2025-10-03
openssl
< 3.0.18,1

openssl32
< 3.2.6

openssl33
< 3.3.5

openssl33-quictls
< 3.3.5

openssl34
< 3.4.3

openssl35
< 3.5.4

openssl36
< 3.6.0

CVE-2025-9230
CVE-2025-9231
CVE-2025-9232
SA-25:08.openssl
https://openssl-library.org/news/secadv/20250930.txt
c6f4177c-8e29-11ef-98e7-84a93843eb75OpenSSL -- OOB memory access vulnerability

The OpenSSL project reports:

Low-level invalid GF(2^m) parameters lead to OOB memory access (CVE-2024-9143) (Low)

Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes.


Discovery 2024-10-16
Entry 2024-10-19
openssl
< 3.0.15_1,1

openssl31
< 3.1.7_1

openssl32
< 3.2.3_1

openssl33
< 3.3.2_1

openssl-quictls
< 3.0.15_1,1

openssl31-quictls
< 3.1.7_1

CVE-2024-9143
https://openssl-library.org/news/secadv/20241016.txt