FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-01-06 22:47:04 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
963f4e9d-e4d5-11f0-984f-b42e991fc52e	Forgejo -- Symbolic Link (Symlink) Following https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/13.0.2.md reports: Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later. Discovery 2025-12-25 Entry 2025-12-29 forgejo < 13.0.2 CVE-2025-68937 https://cveawg.mitre.org/api/cve/CVE-2025-68937

VuXML ID

Description

963f4e9d-e4d5-11f0-984f-b42e991fc52e

Forgejo -- Symbolic Link (Symlink) Following

https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/13.0.2.md reports:

Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later.

Discovery 2025-12-25
Entry 2025-12-29
forgejo

< 13.0.2

CVE-2025-68937
https://cveawg.mitre.org/api/cve/CVE-2025-68937