FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 06:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c1265e85-7c95-11e7-93af-005056925db4	Axis2 -- Security vulnerability on dependency Apache Commons FileUpload Apache Axis2 reports: The commons-fileupload dependency has been updated to a version that fixes CVE-2016-1000031 (AXIS2-5853). Discovery 2016-11-14 Entry 2017-08-09 axis2 < 1.7.6 http://axis.apache.org/axis2/java/core/release-notes/1.7.6.html https://issues.apache.org/jira/browse/AXIS2-5853 https://issues.apache.org/jira/browse/FILEUPLOAD-279 CVE-2016-1000031
ac18046c-9b08-11e6-8011-005056925db4	Axis2 -- Security vulnerabilities on dependency Apache HttpClient Apache Axis2 reports: Apache Axis2 1.7.4 is a maintenance release that includes fixes for several issues, including the following security issues: Session fixation (AXIS2-4739) and XSS (AXIS2-5683) vulnerabilities affecting the admin console. A dependency on an Apache HttpClient version affected by known security vulnerabilities (CVE-2012-6153 and CVE-2014-3577); see AXIS2-5757. Discovery 2012-12-06 Entry 2016-10-28 axis2 < 1.7.4 http://axis.apache.org/axis2/java/core/release-notes/1.7.4.html https://issues.apache.org/jira/browse/AXIS2-4739 https://issues.apache.org/jira/browse/AXIS2-5683 https://issues.apache.org/jira/browse/AXIS2-5757 CVE-2012-6153 CVE-2014-3577
0baadc45-92d0-11e6-8011-005056925db4	Axis2 -- Cross-site scripting (XSS) vulnerability Apache Axis2 reports: Apache Axis2 1.7.3 is a security release that contains a fix for CVE-2010-3981. That security vulnerability affects the admin console that is part of the Axis2 Web application and was originally reported for SAP BusinessObjects (which includes a version of Axis2). That report didnât mention Axis2 at all and the Axis2 project only recently became aware (thanks to Devesh Bhatt and Nishant Agarwala) that the issue affects Apache Axis2 as well. Discovery 2010-10-18 Entry 2016-10-18 axis2 < 1.7.3 http://axis.apache.org/axis2/java/core/release-notes/1.7.3.html CVE-2010-3981 ports/213546

VuXML ID

Description

c1265e85-7c95-11e7-93af-005056925db4

Axis2 -- Security vulnerability on dependency Apache Commons FileUpload

Apache Axis2 reports:

The commons-fileupload dependency has been updated to a version that fixes CVE-2016-1000031 (AXIS2-5853).

Discovery 2016-11-14
Entry 2017-08-09
axis2

< 1.7.6

http://axis.apache.org/axis2/java/core/release-notes/1.7.6.html
https://issues.apache.org/jira/browse/AXIS2-5853
https://issues.apache.org/jira/browse/FILEUPLOAD-279
CVE-2016-1000031

ac18046c-9b08-11e6-8011-005056925db4

Axis2 -- Security vulnerabilities on dependency Apache HttpClient

Apache Axis2 reports:

Apache Axis2 1.7.4 is a maintenance release that includes fixes for several issues, including the following security issues: Session fixation (AXIS2-4739) and XSS (AXIS2-5683) vulnerabilities affecting the admin console. A dependency on an Apache HttpClient version affected by known security vulnerabilities (CVE-2012-6153 and CVE-2014-3577); see AXIS2-5757.

Discovery 2012-12-06
Entry 2016-10-28
axis2

< 1.7.4

http://axis.apache.org/axis2/java/core/release-notes/1.7.4.html
https://issues.apache.org/jira/browse/AXIS2-4739
https://issues.apache.org/jira/browse/AXIS2-5683
https://issues.apache.org/jira/browse/AXIS2-5757
CVE-2012-6153
CVE-2014-3577

0baadc45-92d0-11e6-8011-005056925db4

Axis2 -- Cross-site scripting (XSS) vulnerability

Apache Axis2 reports:

Apache Axis2 1.7.3 is a security release that contains a fix for CVE-2010-3981. That security vulnerability affects the admin console that is part of the Axis2 Web application and was originally reported for SAP BusinessObjects (which includes a version of Axis2). That report didnât mention Axis2 at all and the Axis2 project only recently became aware (thanks to Devesh Bhatt and Nishant Agarwala) that the issue affects Apache Axis2 as well.

Discovery 2010-10-18
Entry 2016-10-18
axis2

< 1.7.3

http://axis.apache.org/axis2/java/core/release-notes/1.7.3.html
CVE-2010-3981
ports/213546