FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
57b3aba7-1e25-11e6-8dd3-002590263bf5expat -- denial of service vulnerability on malformed input

Gustavo Grieco reports:

The Expat XML parser mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. The bugs allow for a denial of service attack in many applications by an unauthenticated attacker, and could conceivably result in remote code execution.

Discovery 2016-05-17
Entry 2016-05-20
Modified 2016-11-30
lt 2.1.1

lt 2.0.1_3

lt 2.1.0_1