FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  566519
Date:      2021-02-25
Time:      02:33:09Z
Committer: philip

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
57c1c2ee-7914-11ea-90bf-0800276545c1Squid -- multiple vulnerabilities

The Squid developers reports:

Improper Input Validation issues in HTTP Request processing (CVE-2020-8449, CVE-2020-8450).

Information Disclosure issue in FTP Gateway (CVE-2019-12528).

Buffer Overflow issue in ext_lm_group_acl helper (CVE-2020-8517).

Discovery 2020-02-10
Entry 2020-04-07
lt 4.10
620685d6-0aa3-11ea-9673-4c72b94353b5squid -- Vulnerable to HTTP Digest Authentication

Squid Team reports:

Problem Description: Due to incorrect data management Squid is vulnerable to a information disclosure when processing HTTP Digest Authentication.

Severity: Nonce tokens contain the raw byte value of a pointer which sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.

Discovery 2019-11-05
Entry 2019-11-19
lt 4.9