FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-01-30 00:01:58 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4b824428-fb93-11f0-b194-8447094a420f	OpenSSL -- Multiple vulnerabilities The OpenSSL project reports: Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (CVE-2025-11187) Stack buffer overflow in CMS AuthEnvelopedData parsing (CVE-2025-15467) NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (CVE-2025-15468) "openssl dgst" one-shot codepath silently truncates inputs >16MB (CVE-2025-15469) TLS 1.3 CompressedCertificate excessive memory allocation (CVE-2025-66199) Heap out-of-bounds write in BIO_f_linebuffer on short writes (CVE-2025-68160) Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (CVE-2025-69418) Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (CVE-2025-69419) Missing ASN1_TYPE validation in TS_RESP_verify_response() function (CVE-2025-69420) NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (CVE-2025-69421) Missing ASN1_TYPE validation in PKCS#12 parsing (CVE-2026-22795) ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (CVE-2026-22796) Discovery 2026-01-27 Entry 2026-01-27 Modified 2026-01-28 FreeBSD >= 15.0 lt 15.0_2 >= 14.3 lt 14.3_8 >= 13.5 lt 13.5_9 openssl < 3.0.19,1 openssl33 < 3.3.6 openssl34 < 3.4.4 openssl35 < 3.5.5 openssl36 < 3.6.1 openssl < 3.0.19 CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 CVE-2026-22796 https://openssl-library.org/news/secadv/20260127.txt SA-26:01.openssl
00e912c5-9e92-11f0-bc5f-8447094a420f	OpenSSL -- multiple vulnerabilities The OpenSSL project reports reports: Out-of-bounds read & write in RFC 3211 KEK Unwrap Timing side-channel in SM2 algorithm on 64-bit ARM Fix Out-of-bounds read in HTTP client no_proxy handling Discovery 2025-09-30 Entry 2025-10-01 Modified 2025-10-03 openssl < 3.0.18,1 openssl32 < 3.2.6 openssl33 < 3.3.5 openssl33-quictls < 3.3.5 openssl34 < 3.4.3 openssl35 < 3.5.4 openssl36 < 3.6.0 CVE-2025-9230 CVE-2025-9231 CVE-2025-9232 SA-25:08.openssl https://openssl-library.org/news/secadv/20250930.txt

VuXML ID

Description

4b824428-fb93-11f0-b194-8447094a420f

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports:

Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (CVE-2025-11187)

Stack buffer overflow in CMS AuthEnvelopedData parsing (CVE-2025-15467)

NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (CVE-2025-15468)

"openssl dgst" one-shot codepath silently truncates inputs >16MB (CVE-2025-15469)

TLS 1.3 CompressedCertificate excessive memory allocation (CVE-2025-66199)

Heap out-of-bounds write in BIO_f_linebuffer on short writes (CVE-2025-68160)

Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (CVE-2025-69418)

Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (CVE-2025-69419)

Missing ASN1_TYPE validation in TS_RESP_verify_response() function (CVE-2025-69420)

NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (CVE-2025-69421)

Missing ASN1_TYPE validation in PKCS#12 parsing (CVE-2026-22795)

ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (CVE-2026-22796)

Discovery 2026-01-27
Entry 2026-01-27
Modified 2026-01-28
FreeBSD

>= 15.0 lt 15.0_2

>= 14.3 lt 14.3_8

>= 13.5 lt 13.5_9

openssl

< 3.0.19,1

openssl33

< 3.3.6

openssl34

< 3.4.4

openssl35

< 3.5.5

openssl36

< 3.6.1

openssl

< 3.0.19

CVE-2025-11187
CVE-2025-15467
CVE-2025-15468
CVE-2025-15469
CVE-2025-66199
CVE-2025-68160
CVE-2025-69418
CVE-2025-69419
CVE-2025-69420
CVE-2025-69421
CVE-2026-22795
CVE-2026-22796
https://openssl-library.org/news/secadv/20260127.txt
SA-26:01.openssl

00e912c5-9e92-11f0-bc5f-8447094a420f

OpenSSL -- multiple vulnerabilities

The OpenSSL project reports reports:

Out-of-bounds read & write in RFC 3211 KEK Unwrap

Timing side-channel in SM2 algorithm on 64-bit ARM

Fix Out-of-bounds read in HTTP client no_proxy handling

Discovery 2025-09-30
Entry 2025-10-01
Modified 2025-10-03
openssl

< 3.0.18,1

openssl32

< 3.2.6

openssl33

< 3.3.5

openssl33-quictls

< 3.3.5

openssl34

< 3.4.3

openssl35

< 3.5.4

openssl36

< 3.6.0

CVE-2025-9230
CVE-2025-9231
CVE-2025-9232
SA-25:08.openssl
https://openssl-library.org/news/secadv/20250930.txt