FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
69815a1d-c31d-11eb-9633-b42e99a1b9c3	SOGo -- SAML user authentication impersonation sogo.nu reports: SOGo was not validating the signatures of any SAML assertions it received. This means any actor with network access to the deployment could impersonate users when SAML was the authentication method. Discovery 2021-06-01 Entry 2021-06-02 sogo lt 5.1.1 sogo-activesync lt 5.1.1 sogo2 lt 2.4.1 sogo2-activesync lt 2.4.1 CVE-2021-33054 https://www.sogo.nu/news/2021/saml-vulnerability.html https://blogs.akamai.com/2021/06/sogo-and-packetfence-impacted-by-saml-implementation-vulnerabilities.html

VuXML ID

Description

69815a1d-c31d-11eb-9633-b42e99a1b9c3

SOGo -- SAML user authentication impersonation

sogo.nu reports:

SOGo was not validating the signatures of any SAML assertions it received.

This means any actor with network access to the deployment could impersonate

users when SAML was the authentication method.

Discovery 2021-06-01
Entry 2021-06-02
sogo

lt 5.1.1

sogo-activesync

lt 5.1.1

sogo2

lt 2.4.1

sogo2-activesync

lt 2.4.1

CVE-2021-33054
https://www.sogo.nu/news/2021/saml-vulnerability.html
https://blogs.akamai.com/2021/06/sogo-and-packetfence-impacted-by-saml-implementation-vulnerabilities.html