FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-10-10 08:58:57 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3e917407-4b3f-11ef-8e49-001999f8d30bMailpit -- Content Security Policy XSS

Mailpit developer reports:

A vulnerability was discovered which allowed a bad actor with SMTP access to Mailpit to bypass the Content Security Policy headers using a series of crafted HTML messages which could result in a stored XSS attack via the web UI.


Discovery 2024-07-26
Entry 2024-07-26
mailpit
< 1.19.3

https://github.com/axllent/mailpit/releases/tag/v1.19.3
0b5145e9-a500-11f0-a136-10ffe07f9334Mailpit -- Performance information disclosure

Ralph Slooten (Mailpit developer) reports:

An HTTP endpoint was found which exposed expvar runtime information (memory usage, goroutine counts, GC behavior, uptime and potential runtime flags) due to the Prometheus client library dependency.


Discovery 2025-10-09
Entry 2025-10-09
mailpit
< 1.27.10

https://github.com/axllent/mailpit/releases/tag/v1.27.10