FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-02-20 19:53:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c27c05a7-a0c8-11f0-8471-4ccc6adda413	qt6-webengine -- Multiple vulnerabilities Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: CVE-2025-9866: Determine whether to bypass redirect checks per request CVE-2025-10200: Use after free in Serviceworker CVE-2025-10201: Inappropriate implementation in Mojo CVE-2025-10500: Use after free in Dawn CVE-2025-10501: Use after free in WebRTC CVE-2025-10502: Heap buffer overflow in ANGLE CVE-2025-10890: Side-channel information leakage in V8 (1/2) CVE-2025-10891: Integer overflow in V8 CVE-2025-10892: Integer overflow in V8 Discovery 2025-09-25 Entry 2025-10-04 qt6-pdf qt6-webengine < 6.9.3 CVE-2025-9866 CVE-2025-10200 CVE-2025-10201 CVE-2025-10500 CVE-2025-10501 CVE-2025-10502 CVE-2025-10890 CVE-2025-10891 CVE-2025-10892 https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=130-based
73ff246b-04b2-11f1-84fc-4ccc6adda413	qt6-webengine -- multiple vulnerabilities Qt qtwebengine-chromium repo reports: Backports for 7 security bugs in Chromium: CVE-2025-13638: Prevent media element GC in callbacks in WebMediaPlayerMS CVE-2025-13639: Improve validation of SDP direction in remote description CVE-2025-13720: Avoid downcasting Hash and Integrity reports CVE-2025-14174: Metal: Don't use pixelsDepthPitch to size buffers CVE-2025-14765: Polyfill unary negation and abs for amd mesa frontend CVE-2026-0908: Use CheckedNumerics in HandleAllocator CVE-2026-1504: Block opaque 416 responses to non-range requests Discovery 2026-02-02 Entry 2026-02-08 qt6-pdf qt6-webengine < 6.10.2 CVE-2025-13638 CVE-2025-13639 CVE-2025-13720 CVE-2025-14174 CVE-2025-14765 CVE-2026-0908 CVE-2026-1504 https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=134-based

VuXML ID

Description

c27c05a7-a0c8-11f0-8471-4ccc6adda413

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports:

Backports for 9 security bugs in Chromium:

CVE-2025-9866: Determine whether to bypass redirect checks per request

CVE-2025-10200: Use after free in Serviceworker

CVE-2025-10201: Inappropriate implementation in Mojo

CVE-2025-10500: Use after free in Dawn

CVE-2025-10501: Use after free in WebRTC

CVE-2025-10502: Heap buffer overflow in ANGLE

CVE-2025-10890: Side-channel information leakage in V8 (1/2)

CVE-2025-10891: Integer overflow in V8

CVE-2025-10892: Integer overflow in V8

Discovery 2025-09-25
Entry 2025-10-04
qt6-pdf
qt6-webengine

< 6.9.3

CVE-2025-9866
CVE-2025-10200
CVE-2025-10201
CVE-2025-10500
CVE-2025-10501
CVE-2025-10502
CVE-2025-10890
CVE-2025-10891
CVE-2025-10892
https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=130-based

73ff246b-04b2-11f1-84fc-4ccc6adda413

qt6-webengine -- multiple vulnerabilities

Qt qtwebengine-chromium repo reports:

Backports for 7 security bugs in Chromium:

CVE-2025-13638: Prevent media element GC in callbacks in WebMediaPlayerMS

CVE-2025-13639: Improve validation of SDP direction in remote description

CVE-2025-13720: Avoid downcasting Hash and Integrity reports

CVE-2025-14174: Metal: Don't use pixelsDepthPitch to size buffers

CVE-2025-14765: Polyfill unary negation and abs for amd mesa frontend

CVE-2026-0908: Use CheckedNumerics in HandleAllocator

CVE-2026-1504: Block opaque 416 responses to non-range requests

Discovery 2026-02-02
Entry 2026-02-08
qt6-pdf
qt6-webengine

< 6.10.2

CVE-2025-13638
CVE-2025-13639
CVE-2025-13720
CVE-2025-14174
CVE-2025-14765
CVE-2026-0908
CVE-2026-1504
https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=134-based