FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-11-21 11:10:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c3e1df74-5e73-11f0-95e5-74563cf9e4e9	GnuTLS -- multiple vulnerabilities Daiki Ueno reports: libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps Spotted by oss-fuzz and reported by OpenAI Security Research Team, and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1, CVSS: medium] [CVE-2025-32989] libgnutls: Fix double-free upon error when exporting otherName in SAN Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2, CVSS: low] [CVE-2025-32988] certtool: Fix 1-byte write buffer overrun when parsing template Reported by David Aitel. [GNUTLS-SA-2025-07-07-3, CVSS: low] [CVE-2025-32990] libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK Reported by Stefan BÃÂ¼hler. [GNUTLS-SA-2025-07-07-4, CVSS: medium] [CVE-2025-6395] Discovery 2025-07-09 Entry 2025-07-14 gnutls < 3.8.10 CVE-2025-32989 CVE-2025-32988 CVE-2025-32990 CVE-2025-6395 https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html
b6835edf-c6c8-11f0-8471-74563cf9e4e9	GnuTLS -- Stack write buffer overflow GnuTLS reports: When a PKCS#11 token is initialized with gnutls_pkcs11_token_init function and it is passed a token label longer than 32 characters, it may write past the boundary of stack allocated memory. Discovery 2025-11-18 Entry 2025-11-21 gnutls < 3.8.11 CVE-2025-9820 https://gnutls.org/security-new.html#GNUTLS-SA-2025-11-18

VuXML ID

Description

c3e1df74-5e73-11f0-95e5-74563cf9e4e9

GnuTLS -- multiple vulnerabilities

Daiki Ueno reports:

libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps Spotted by oss-fuzz and reported by OpenAI Security Research Team, and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1, CVSS: medium] [CVE-2025-32989]

libgnutls: Fix double-free upon error when exporting otherName in SAN Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2, CVSS: low] [CVE-2025-32988]

certtool: Fix 1-byte write buffer overrun when parsing template Reported by David Aitel. [GNUTLS-SA-2025-07-07-3, CVSS: low] [CVE-2025-32990]

libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK Reported by Stefan BÃÂ¼hler. [GNUTLS-SA-2025-07-07-4, CVSS: medium] [CVE-2025-6395]

Discovery 2025-07-09
Entry 2025-07-14
gnutls

< 3.8.10

CVE-2025-32989
CVE-2025-32988
CVE-2025-32990
CVE-2025-6395
https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html

b6835edf-c6c8-11f0-8471-74563cf9e4e9

GnuTLS -- Stack write buffer overflow

GnuTLS reports:

When a PKCS#11 token is initialized with gnutls_pkcs11_token_init function and it is passed a token label longer than 32 characters, it may write past the boundary of stack allocated memory.

Discovery 2025-11-18
Entry 2025-11-21
gnutls

< 3.8.11

CVE-2025-9820
https://gnutls.org/security-new.html#GNUTLS-SA-2025-11-18