This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
61480a9a-22b2-11d9-814e-0001020eed82 | cabextract -- insecure directory handling cabextract has insufficient checks for file names that
contain Discovery 2004-10-18 Entry 2004-10-20 Modified 2004-10-22 cabextract < 1.1 CVE-2004-0916 http://www.kyz.uklinux.net/cabextract.php#changes |
cc7548ef-06e1-11e5-8fda-002590263bf5 | libmspack -- frame_end overflow which could cause infinite loop There is a denial of service vulnerability in libmspack. The libmspack code is built into cabextract, so it is also vulnerable. MITRE reports:
Discovery 2014-12-11 Entry 2015-05-31 libmspack < 0.5 cabextract < 1.5 CVE-2014-9556 https://bugs.debian.org/773041 http://www.openwall.com/lists/oss-security/2015/01/07/2 |
43024078-9b63-11df-8983-001d60d86f38 | libmspack -- infinite loop denial of service There is a denial of service vulnerability in libmspack. The libmspack code is built into cabextract, so it is also vulnerable. Secunia reports:
Discovery 2010-07-26 Entry 2010-07-30 libmspack le 0.0.20060920 cabextract < 1.3 http://secunia.com/advisories/40719/ |
cfb12f02-06e1-11e5-8fda-002590263bf5 | cabextract -- directory traversal with UTF-8 symbols in filenames Cabextract ChangeLog reports:
Discovery 2015-02-18 Entry 2015-05-31 cabextract < 1.6 http://www.cabextract.org.uk/#changes http://www.openwall.com/lists/oss-security/2015/02/18/3 CVE-2015-2060 |