FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cd2dc126-cfe4-11ea-9172-4c72b94353b5Cacti -- multiple vulnerabilities

Cacti developers reports:

Multiple fixes for bundled jQuery to prevent code exec (CVE-2020-11022, CVE-2020-11023).

PHPMail contains a escaping bug (CVE-2020-13625).

SQL Injection via color.php in Cacti (CVE-2020-14295).


Discovery 2020-07-15
Entry 2020-07-27
cacti
< 1.2.13

https://www.cacti.net/release_notes.php?version=1.2.13
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14295
CVE-2020-11022
CVE-2020-11023
CVE-2020-13625
CVE-2020-14295
e4cd0b38-c9f9-11eb-87e1-08002750c711cacti -- SQL Injection was possible due to incorrect validation order

Cati team reports:

Due to a lack of validation, data_debug.php can be the source of a SQL injection.


Discovery 2020-12-24
Entry 2021-06-10
Modified 2021-06-24
cacti
ge 1.2 lt 1.2.17

CVE-2020-35701
https://github.com/Cacti/cacti/issues/4022