FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
52bd2d59-4ab5-4bef-a599-7aac4e92238bvault -- unauthenticated license read

vault developers report:

Limited Unauthenticated License Read: We addressed a security vulnerability that allowed for the unauthenticated reading of Vault licenses from DR Secondaries.


Discovery 2021-02-26
Entry 2021-02-27
vault
< 1.6.3

CVE-2021-27668
https://github.com/hashicorp/vault/releases/tag/v1.6.3
cc1fd3da-b8fd-4f4d-a092-c38541c0f993vault -- User Enumeration via LDAP auth

Vault developers report:

Vault allowed enumeration of users via the LDAP auth method. This vulnerability, was fixed in Vault 1.6.1 and 1.5.6.

An external party reported that they were able to enumerate LDAP users via error messages returned by Vault’s LDAP auth method


Discovery 2020-12-16
Entry 2020-12-17
vault
< 1.6.1

CVE-2020-35177
https://discuss.hashicorp.com/t/hcsec-2020-25-vault-s-ldap-auth-method-allows-user-enumeration/18984