FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-10-04 12:06:31 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a64761a1-e895-11ef-873e-8447094a420fOpenSSL -- Man-in-the-Middle vulnerability

The OpenSSL project reports:

RFC7250 handshakes with unauthenticated servers don't abort as expected (High). Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set.


Discovery 2025-02-11
Entry 2025-02-11
openssl32
< 3.2.4

openssl33
< 3.3.2

openssl34
< 3.4.1

CVE-2024-12797
https://openssl-library.org/news/secadv/20250211.txt
00e912c5-9e92-11f0-bc5f-8447094a420fOpenSSL -- multiple vulnerabilities

The OpenSSL project reports reports:

Out-of-bounds read & write in RFC 3211 KEK Unwrap

Timing side-channel in SM2 algorithm on 64-bit ARM

Fix Out-of-bounds read in HTTP client no_proxy handling


Discovery 2025-09-30
Entry 2025-10-01
Modified 2025-10-03
openssl
< 3.0.18,1

openssl32
< 3.2.6

openssl33
< 3.3.5

openssl33-quictls
< 3.3.5

openssl34
< 3.4.3

openssl35
< 3.5.4

openssl36
< 3.6.0

CVE-2025-9230
CVE-2025-9231
CVE-2025-9232
SA-25:08.openssl
https://openssl-library.org/news/secadv/20250930.txt