This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-09-20 06:52:49 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
a5f160fa-deee-11e4-99f8-080027ef73ec | mailman -- path traversal vulnerability Mark Sapiro reports:
Discovery 2015-03-27 Entry 2015-04-09 Modified 2015-06-17 mailman < 2.1.20 mailman-with-htdig < 2.1.20 ja-mailman < 2.1.14.j7_2,1 https://mail.python.org/pipermail/mailman-announce/2015-March/000209.html https://bugs.launchpad.net/mailman/+bug/1437145 CVE-2015-2775 |
9d7a2b54-4468-11ec-8532-0d24c37c72c8 | mailman -- 2.1.37 fixes XSS via user options, and moderator offline brute-force vuln against list admin password Mark Sapiro reports:
Discovery 2021-11-01 Entry 2021-11-13 mailman < 2.1.37 mailman-exim4 < 2.1.37 mailman-exim4-with-htdig < 2.1.37 mailman-postfix < 2.1.37 mailman-postfix-with-htdig < 2.1.37 mailman-with-htdig < 2.1.37 CVE-2021-43331 CVE-2021-43332 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1879/NEWS#L8 https://bugs.launchpad.net/mailman/+bug/1949401 https://bugs.launchpad.net/mailman/+bug/1949403 |
b4f0ad36-94a5-11e8-9007-080027ac955c | mailman -- content spoofing with invalid list names in web UI Mark Sapiro reports:
Discovery 2018-07-09 Entry 2018-07-31 mailman < 2.1.28 mailman-with-htdig < 2.1.28 ja-mailman < 2.1.14.j7_6,1 https://bugs.launchpad.net/mailman/+bug/1780874 https://mail.python.org/pipermail/mailman-announce/2018-July/000241.html CVE-2018-13796 |
739948e3-78bf-11e8-b23c-080027ac955c | mailman -- hardening against malicious listowners injecting evil HTML scripts Mark Sapiro reports:
Discovery 2018-03-09 Entry 2018-06-25 mailman < 2.1.27 mailman-with-htdig < 2.1.27 ja-mailman < 2.1.14.j7_5,1 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS#L8 https://www.mail-archive.com/mailman-users@python.org/ CVE-2018-0618 |
8d65aa3b-31ce-11ec-8c32-a14e8e520dc7 | mailman -- brute-force vuln on list admin password, and CSRF vuln in releases before 2.1.35 Mark Sapiro reports:
Discovery 2021-10-18 Entry 2021-10-20 mailman < 2.1.35 mailman-with-htdig < 2.1.35 CVE-2021-42096 CVE-2021-42097 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1873/NEWS#L8 https://bugs.launchpad.net/mailman/+bug/1947639 https://bugs.launchpad.net/mailman/+bug/1947640 |
3d0eeef8-0cf9-11e8-99b0-d017c2987f9a | Mailman -- Cross-site scripting (XSS) vulnerability in the web UI Mark Sapiro reports:
Discovery 2018-01-20 Entry 2018-02-08 mailman < 2.1.26 mailman-with-htdig < 2.1.26 ja-mailman <= 2.1.14.j7_3,1 https://www.mail-archive.com/mailman-users@python.org/msg70478.html CVE-2018-5950 |
b11ab01b-6e19-11e6-ab24-080027ef73ec | mailman -- CSRF protection enhancements Mark Sapiro reports:
Discovery 2016-08-19 Entry 2016-08-29 mailman < 2.1.23 http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1668 https://mail.python.org/pipermail/mailman-announce/2016-August/000226.html CVE-2016-6893 |
88760f4d-8ef7-11ea-a66d-4b2ef158be83 | mailman -- arbitrary content injection vulnerability via options or private archive login pages Mark Sapiro reports:
Discovery 2020-04-20 Entry 2020-05-07 mailman < 2.1.30_4 >= 2.1.31 lt 2.1.33 mailman-with-htdig < 2.1.30_4 >= 2.1.31 lt 2.1.33 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/1845/NEWS#L8 https://bugs.launchpad.net/mailman/+bug/1873722 https://bugs.launchpad.net/mailman/+bug/1877379 https://mail.python.org/archives/list/mailman-developers@python.org/thread/SYBIZ3MNSQZLKN6PVKO7ZKR7QMOBMS45/ CVE-2018-13796 |
0d6efbe3-52d9-11ec-9472-e3667ed6088e | mailman < 2.1.38 -- CSRF vulnerability of list mod or member against list admin page Mark Sapiro reports:
Discovery 2021-11-25 Entry 2021-12-01 mailman < 2.1.38 mailman-exim4 < 2.1.38 mailman-exim4-with-htdig < 2.1.38 mailman-postfix < 2.1.38 mailman-postfix-with-htdig < 2.1.38 mailman-with-htdig < 2.1.38 CVE-2021-44227 https://bugs.launchpad.net/mailman/+bug/1952384 https://www.mail-archive.com/mailman-users@python.org/msg73979.html |