FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
65a8f773-4a37-11db-a4cc-000a48049292zope -- restructuredText "csv_table" Information Disclosure

Secunia reports:

A vulnerability has been reported in Zope, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the use of the docutils module to parse and render "restructured" text. This can be exploited to disclose certain information via the "csv_table" reStructuredText directive.


Discovery 2006-08-21
Entry 2006-09-22
Modified 2006-12-27
zope
ge 2.7.0 lt 2.7.9_1

ge 2.8.0 lt 2.8.8_1

20022
CVE-2006-4684
http://secunia.com/advisories/21947/
http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt
d2b80c7c-3aae-11da-9484-00123ffe8333zope -- expose RestructuredText functionality to untrusted users

A Zope Hotfix Alert reports:

This hotfix resolves a security issue with docutils.

Affected are possibly all Zope instances that expose RestructuredText functionalies to untrusted users through the web.


Discovery 2005-10-09
Entry 2005-10-11
Modified 2005-11-28
zope
ge 2.6.0 lt 2.7.8

ge 2.8.0 le 2.8.1_2

CVE-2005-3323
15082
http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert
34414a1e-e377-11db-b8ab-000c76189c4czope -- cross-site scripting vulnerability

The Zope Team reports:

A vulnerability has been discovered in Zope, where by certain types of misuse of HTTP GET, an attacker could gain elevated privileges. All Zope versions up to and including 2.10.2 are affected.


Discovery 2007-01-16
Entry 2007-04-05
Modified 2009-03-22
zope
< 2.7.9_2

ge 2.8.0 le 2.8.8

ge 2.9.0 le 2.9.6

ge 2.10.0 le 2.10.2

plone
< 2.5.3

23084
CVE-2007-0240
ports/111119
http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
http://plone.org/products/plone/releases/2.5.3
5f2a0c40-1322-11db-bd23-000475abc56fzope -- information disclosure vulnerability

Zope team reports:

Unspecified vulnerability in (Zope2) allows local users to obtain sensitive information via unknown attack vectors related to the docutils module and "restructured text".


Discovery 2006-07-05
Entry 2006-07-14
zope
ge 2.7.0 lt 2.7.9

ge 2.8.0 lt 2.8.7

ge 2.9.0 lt 2.9.3

CVE-2006-3458
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-2006-07-05/view