FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-07-15 18:39:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a4d71e4c-7bf4-11e2-84cd-d43d7e0c7c02	drupal7 -- Denial of service Drupal Security Team reports: Drupal core's Image module allows for the on-demand generation of image derivatives. This capability can be abused by requesting a large number of new derivatives which can fill up the server disk space, and which can cause a very high CPU load. Either of these effects may lead to the site becoming unavailable or unresponsive. Discovery 2013-02-20 Entry 2013-02-21 drupal7 < 7.19 CVE-2013-0316 https://drupal.org/SA-CORE-2013-002
d9649816-5e0d-11e3-8d23-3c970e169bc2	drupal -- multiple vulnerabilities Drupal Security Team reports: Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7. Multiple vulnerabilities due to optimistic cross-site request forgery protection (Form API validation - Drupal 6 and 7) Multiple vulnerabilities due to weakness in pseudorandom number generation using mt_rand() (Form API, OpenID and random password generation - Drupal 6 and 7) Code execution prevention (Files directory .htaccess for Apache - Drupal 6 and 7) Access bypass (Security token validation - Drupal 6 and 7) Cross-site scripting (Image module - Drupal 7) Cross-site scripting (Color module - Drupal 7) Open redirect (Overlay module - Drupal 7) Discovery 2013-11-20 Entry 2013-12-06 drupal6 < 6.29 drupal7 < 7.24 https://drupal.org/SA-CORE-2013-003
1827f213-633e-11e2-8d93-c8600054b392	drupal -- multiple vulnerabilities Drupal Security Team reports: Cross-site scripting (Various core and contributed modules) Access bypass (Book module printer friendly version) Access bypass (Image module) Discovery 2013-01-16 Entry 2013-01-20 drupal6 < 6.28 drupal7 < 7.19 https://drupal.org/SA-CORE-2013-001

VuXML ID

Description

a4d71e4c-7bf4-11e2-84cd-d43d7e0c7c02

drupal7 -- Denial of service

Drupal Security Team reports:

Drupal core's Image module allows for the on-demand generation of image derivatives. This capability can be abused by requesting a large number of new derivatives which can fill up the server disk space, and which can cause a very high CPU load. Either of these effects may lead to the site becoming unavailable or unresponsive.

Discovery 2013-02-20
Entry 2013-02-21
drupal7

< 7.19

CVE-2013-0316
https://drupal.org/SA-CORE-2013-002

d9649816-5e0d-11e3-8d23-3c970e169bc2

drupal -- multiple vulnerabilities

Drupal Security Team reports:

Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7.

Multiple vulnerabilities due to optimistic cross-site request forgery protection (Form API validation - Drupal 6 and 7)

Multiple vulnerabilities due to weakness in pseudorandom number generation using mt_rand() (Form API, OpenID and random password generation - Drupal 6 and 7)

Code execution prevention (Files directory .htaccess for Apache - Drupal 6 and 7)

Access bypass (Security token validation - Drupal 6 and 7)

Cross-site scripting (Image module - Drupal 7)

Cross-site scripting (Color module - Drupal 7)

Open redirect (Overlay module - Drupal 7)

Discovery 2013-11-20
Entry 2013-12-06
drupal6

< 6.29

drupal7

< 7.24

https://drupal.org/SA-CORE-2013-003

1827f213-633e-11e2-8d93-c8600054b392

drupal -- multiple vulnerabilities

Drupal Security Team reports:

Cross-site scripting (Various core and contributed modules)

Access bypass (Book module printer friendly version)

Access bypass (Image module)

Discovery 2013-01-16
Entry 2013-01-20
drupal6

< 6.28

drupal7

< 7.19

https://drupal.org/SA-CORE-2013-001