FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
69815a1d-c31d-11eb-9633-b42e99a1b9c3	SOGo -- SAML user authentication impersonation sogo.nu reports: SOGo was not validating the signatures of any SAML assertions it received. This means any actor with network access to the deployment could impersonate users when SAML was the authentication method. Discovery 2021-06-01 Entry 2021-06-02 sogo < 5.1.1 sogo-activesync < 5.1.1 sogo2 < 2.4.1 sogo2-activesync < 2.4.1 CVE-2021-33054 https://www.sogo.nu/news/2021/saml-vulnerability.html https://blogs.akamai.com/2021/06/sogo-and-packetfence-impacted-by-saml-implementation-vulnerabilities.html

VuXML ID

Description

69815a1d-c31d-11eb-9633-b42e99a1b9c3

SOGo -- SAML user authentication impersonation

sogo.nu reports:

SOGo was not validating the signatures of any SAML assertions it received.

This means any actor with network access to the deployment could impersonate

users when SAML was the authentication method.

Discovery 2021-06-01
Entry 2021-06-02
sogo

< 5.1.1

sogo-activesync

< 5.1.1

sogo2

< 2.4.1

sogo2-activesync

< 2.4.1

CVE-2021-33054
https://www.sogo.nu/news/2021/saml-vulnerability.html
https://blogs.akamai.com/2021/06/sogo-and-packetfence-impacted-by-saml-implementation-vulnerabilities.html