FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  517944
Date:      2019-11-19
Time:      08:25:04Z
Committer: joneum

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ae377aeb-9ed4-11e5-8f5c-002590263bf5redmine -- CSRF protection bypass

Redmine reports:

Vulnerability that would allow an attacker to bypass the CSRF protection.


Discovery 2011-12-10
Entry 2015-12-10
redmine
lt 1.3.0

http://www.redmine.org/projects/redmine/wiki/Security_Advisories
21bc4d71-9ed8-11e5-8f5c-002590263bf5redmine -- information leak vulnerability

Redmine reports:

Data disclosure in atom feed.


Discovery 2015-12-05
Entry 2015-12-10
Modified 2015-12-11
redmine
lt 2.6.9

ge 3.0.0 lt 3.0.7

ge 3.1.0 lt 3.1.3

CVE-2015-8537
http://www.redmine.org/projects/redmine/wiki/Security_Advisories
cf96cd8d-48fb-11e0-98a6-0050569b2d21redmine -- XSS vulnerability

Jean-Philippe Lang reports:

This maintenance release for 1.1.x users includes 13 bug fixes since 1.1.1 and a security fix (XSS vulnerability affecting all Redmine versions from 1.0.1 to 1.1.1).


Discovery 2011-03-07
Entry 2011-03-07
redmine
gt 1.0 lt 1.1.2

http://www.redmine.org/news/53
cf96cd8d-48fb-11e0-98a6-0050569b2d21redmine -- XSS vulnerability

Jean-Philippe Lang reports:

This maintenance release for 1.1.x users includes 13 bug fixes since 1.1.1 and a security fix (XSS vulnerability affecting all Redmine versions from 1.0.1 to 1.1.1).


Discovery 2011-03-07
Entry 2011-03-07
redmine
gt 1.0 lt 1.1.2

http://www.redmine.org/news/53
0e0385d1-9ed5-11e5-8f5c-002590263bf5redmine -- multiple vulnerabilities

Redmine reports:

Mass-assignment vulnerability that would allow an attacker to bypass part of the security checks.

Persistent XSS vulnerability


Discovery 2012-03-11
Entry 2015-12-10
redmine
lt 1.3.2

CVE-2012-0327
http://www.redmine.org/projects/redmine/wiki/Security_Advisories
http://jvn.jp/en/jp/JVN93406632/
49def4b7-9ed6-11e5-8f5c-002590263bf5redmine -- information leak vulnerability

Redmine reports:

Potential data leak (project names) in the invalid form authenticity token error screen.


Discovery 2014-07-06
Entry 2015-12-10
redmine
lt 2.4.6

ge 2.5.0 lt 2.5.2

http://www.redmine.org/projects/redmine/wiki/Security_Advisories
939a7086-9ed6-11e5-8f5c-002590263bf5redmine -- potential XSS vulnerability

Redmine reports:

Potential XSS vulnerability when rendering some flash messages.


Discovery 2015-02-19
Entry 2015-12-10
redmine
lt 2.6.2

CVE-2015-8477
http://www.redmine.org/projects/redmine/wiki/Security_Advisories
http://www.openwall.com/lists/oss-security/2015/12/05/6
c2efcd46-9ed5-11e5-8f5c-002590263bf5redmine -- open redirect vulnerability

Redmine reports:

Open Redirect vulnerability


Discovery 2014-03-29
Entry 2015-12-10
redmine
lt 2.4.5

eq 2.5.0

CVE-2014-1985
http://www.redmine.org/projects/redmine/wiki/Security_Advisories
https://jvn.jp/en/jp/JVN93004610/index.html
be63533c-9ed7-11e5-8f5c-002590263bf5redmine -- multiple vulnerabilities

Redmine reports:

Potential changeset message disclosure in issues API.

Data disclosure on the time logging form


Discovery 2015-11-14
Entry 2015-12-10
redmine
lt 2.6.8

ge 3.0.0 lt 3.0.6

ge 3.1.0 lt 3.1.2

CVE-2015-8346
CVE-2015-8473
http://www.redmine.org/projects/redmine/wiki/Security_Advisories
http://www.openwall.com/lists/oss-security/2015/11/25/12
http://www.openwall.com/lists/oss-security/2015/12/03/7