FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-07-27 12:33:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
abbc8912-5efa-11f0-ae84-99047d0a6bcc	libxml2 -- multiple vulnerabilities Alan Coopersmith reports: As discussed in https://gitlab.gnome.org/GNOME/libxml2/-/issues/913 the security policy of libxml2 has been changed to disclose vulnerabilities before fixes are available so that people other than the maintainer can contribute to fixing security issues in this library. As part of this, the following 5 CVE's have been disclosed recently: (CVE-2025-49794) Heap use after free (UAF) leads to Denial of service (DoS) https://gitlab.gnome.org/GNOME/libxml2/-/issues/931 [...] (CVE-2025-49795) Null pointer dereference leads to Denial of service (DoS) https://gitlab.gnome.org/GNOME/libxml2/-/issues/932 [...] (CVE-2025-49796) Type confusion leads to Denial of service (DoS) https://gitlab.gnome.org/GNOME/libxml2/-/issues/933 [...] For all three of the above, note that upstream is considering removing Schematron support completely, as discussed in https://gitlab.gnome.org/GNOME/libxml2/-/issues/935. (CVE-2025-6021) Integer Overflow Leading to Buffer Overflow in xmlBuildQName() https://gitlab.gnome.org/GNOME/libxml2/-/issues/926 [...] (CVE-2025-6170) Stack-based Buffer Overflow in xmllint Shell https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 [...] Discovery 2025-05-27 Entry 2025-07-12 Modified 2025-07-15 libxml2 < 2.14.5 linux-c7-libxml2 < 2.14.5 linux-rl9-libxml2 < 2.14.5 CVE-2025-6021 CVE-2025-6170 CVE-2025-49794 CVE-2025-49795 CVE-2025-49795 https://www.openwall.com/lists/oss-security/2025/06/16/6 https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025#libxml2-and-libxslt https://gitlab.gnome.org/GNOME/libxml2/-/issues/913 https://gitlab.gnome.org/GNOME/libxml2/-/issues/931 https://gitlab.gnome.org/GNOME/libxml2/-/issues/932 https://gitlab.gnome.org/GNOME/libxml2/-/issues/933 https://gitlab.gnome.org/GNOME/libxml2/-/issues/935 https://gitlab.gnome.org/GNOME/libxml2/-/issues/926 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941

VuXML ID

Description

abbc8912-5efa-11f0-ae84-99047d0a6bcc

libxml2 -- multiple vulnerabilities

Alan Coopersmith reports:

As discussed in https://gitlab.gnome.org/GNOME/libxml2/-/issues/913 the security policy of libxml2 has been changed to disclose vulnerabilities before fixes are available so that people other than the maintainer can contribute to fixing security issues in this library.

As part of this, the following 5 CVE's have been disclosed recently:

(CVE-2025-49794) Heap use after free (UAF) leads to Denial of service (DoS) https://gitlab.gnome.org/GNOME/libxml2/-/issues/931 [...]

(CVE-2025-49795) Null pointer dereference leads to Denial of service (DoS) https://gitlab.gnome.org/GNOME/libxml2/-/issues/932 [...]

(CVE-2025-49796) Type confusion leads to Denial of service (DoS) https://gitlab.gnome.org/GNOME/libxml2/-/issues/933 [...]

For all three of the above, note that upstream is considering removing Schematron support completely, as discussed in https://gitlab.gnome.org/GNOME/libxml2/-/issues/935.

(CVE-2025-6021) Integer Overflow Leading to Buffer Overflow in xmlBuildQName() https://gitlab.gnome.org/GNOME/libxml2/-/issues/926 [...]

(CVE-2025-6170) Stack-based Buffer Overflow in xmllint Shell https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 [...]

Discovery 2025-05-27
Entry 2025-07-12
Modified 2025-07-15
libxml2

< 2.14.5

linux-c7-libxml2

< 2.14.5

linux-rl9-libxml2

< 2.14.5

CVE-2025-6021
CVE-2025-6170
CVE-2025-49794
CVE-2025-49795
CVE-2025-49795
https://www.openwall.com/lists/oss-security/2025/06/16/6
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025#libxml2-and-libxslt
https://gitlab.gnome.org/GNOME/libxml2/-/issues/913
https://gitlab.gnome.org/GNOME/libxml2/-/issues/931
https://gitlab.gnome.org/GNOME/libxml2/-/issues/932
https://gitlab.gnome.org/GNOME/libxml2/-/issues/933
https://gitlab.gnome.org/GNOME/libxml2/-/issues/935
https://gitlab.gnome.org/GNOME/libxml2/-/issues/926
https://gitlab.gnome.org/GNOME/libxml2/-/issues/941