This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
6190c0cd-b945-11ea-9401-2dcf562daa69 | PuTTY -- Release 0.74 fixes two security vulnerabilities Simon Tatham reports:
Discovery 2020-06-27 Entry 2020-06-28 putty < 0.74 putty-gtk2 < 0.74 putty-nogtk < 0.74 https://lists.tartarus.org/pipermail/putty-announce/2020/000030.html https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-dynamic-hostkey-info-leak.html https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/ CVE-2020-14002 https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-keylist-used-after-free.html |
91955195-9ebb-11ee-bc14-a703705db3a6 | putty -- add protocol extension against 'Terrapin attack' Simon Tatham reports:
Discovery 2023-10-16 Entry 2023-12-19 putty < 0.80 putty-nogtk < 0.80 CVE-2023-48795 https://lists.tartarus.org/pipermail/putty-announce/2023/000037.html https://www.openssh.com/txt/release-9.6 https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://terrapin-attack.com/ |
080936ba-fbb7-11ee-abc8-6960f2492b1d | PuTTY and embedders (f.i., filezilla) -- biased RNG with NIST P521/ecdsa-sha2-nistp521 signatures permits recovering private key Simon Tatham reports:
Discovery 2024-04-01 Entry 2024-04-16 putty ge 0.68 lt 0.81 putty-nogtk ge 0.68 lt 0.81 filezilla < 3.67.0 CVE-2024-31497 https://lists.tartarus.org/pipermail/putty-announce/2024/000038.html https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git https://filezilla-project.org/versions.php https://nvd.nist.gov/vuln/detail/CVE-2024-31497 |