FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  506800
Date:      2019-07-17
Time:      14:54:53Z
Committer: lwhsu

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
d3d02d3a-2242-11e9-b95c-b499baebfeafMySQL -- multiple vulnerabilities

Oracle reports:

Please reference CVE/URL list for details

Not all listed CVE's are present in all versions/flavors


Discovery 2019-01-15
Entry 2019-01-27
mariadb55-server
lt 5.5.63

mariadb100-server
lt 10.0.38

mariadb101-server
lt 10.1.38

mariadb102-server
lt 10.2.22

mariadb103-server
lt 10.3.13

mysql55-server
lt 5.5.63

mysql56-server
lt 5.6.43

mysql57-server
lt 5.7.25

mysql80-server
lt 8.0.14

percona55-server
lt 5.5.63

percona56-server
lt 5.6.43

percona57-server
lt 5.7.25

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL
CVE-2019-2534
CVE-2019-2533
CVE-2019-2529
CVE-2019-2482
CVE-2019-2434
CVE-2019-2455
CVE-2019-2503
CVE-2019-2436
CVE-2019-2536
CVE-2019-2502
CVE-2019-2510
CVE-2019-2539
CVE-2019-2494
CVE-2019-2495
CVE-2019-2537
CVE-2019-2420
CVE-2019-2481
CVE-2019-2507
CVE-2019-2530
CVE-2019-2528
CVE-2019-2531
CVE-2019-2486
CVE-2019-2532
CVE-2019-2535
CVE-2019-2513
4e1997e8-5de0-11e9-b95c-b499baebfeafMySQL -- multiple vulnerabilities

Oracle reports:

Critical Patch Update Oracle MySQL Executive Summary

This Critical Patch Update contains 44 new security fixes for Oracle MySQL. 3 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

The Oracle MySQL products and versions affected by vulnerabilities that are fixed in this Critical Patch Update are: MySQL Server, versions 5.6.43 and prior, 5.7.25 and prior, 8.0.15 and prior

Further details will be published by Oracle on 2019-04-16


Discovery 2019-04-13
Entry 2019-04-13
mariadb55-server
lt 5.5.64

mariadb101-server
lt 10.1.39

mariadb102-server
lt 10.2.23

mariadb103-server
lt 10.3.14

mysql56-server
lt 5.6.44

mysql57-server
lt 5.7.26

mysql80-server
lt 8.0.15

percona55-server
lt 5.5.64

percona56-server
lt 5.6.44

percona57-server
lt 5.7.26

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
57aec168-453e-11e8-8777-b499baebfeafMySQL -- multiple vulnerabilities

Oracle reports:

MySQL Multiple Flaws Let Remote Authenticated Users Access and Modify Data, Remote and Local Users Deny Service, and Local Users Access Data and Gain Elevated Privileges

  • A local user can exploit a flaw in the Replication component to gain elevated privileges [CVE-2018-2755].
  • A remote authenticated user can exploit a flaw in the GIS Extension component to cause denial of service conditions [CVE-2018-2805].
  • A remote authenticated user can exploit a flaw in the InnoDB component to cause denial of service conditions [CVE-2018-2782, CVE-2018-2784, CVE-2018-2819].
  • A remote authenticated user can exploit a flaw in the Security Privileges component to cause denial of service conditions [CVE-2018-2758, CVE-2018-2818].
  • A remote authenticated user can exploit a flaw in the DDL component to cause denial of service conditions [CVE-2018-2817].
  • A remote authenticated user can exploit a flaw in the Optimizer component to cause denial of service conditions [CVE-2018-2775, CVE-2018-2778, CVE-2018-2779, CVE-2018-2780, CVE-2018-2781, CVE-2018-2816].
  • A remote user can exploit a flaw in the Client programs component to cause denial of service conditions [CVE-2018-2761, CVE-2018-2773].
  • A remote authenticated user can exploit a flaw in the InnoDB component to partially modify data and cause denial of service conditions [CVE-2018-2786, CVE-2018-2787].
  • A remote authenticated user can exploit a flaw in the Optimizer component to partially modify data and cause denial of service conditions [CVE-2018-2812].
  • A local user can exploit a flaw in the Cluster ndbcluster/plugin component to cause denial of service conditions [CVE-2018-2877].
  • A remote authenticated user can exploit a flaw in the InnoDB component to cause denial of service conditions [CVE-2018-2759, CVE-2018-2766, CVE-2018-2777, CVE-2018-2810].
  • A remote authenticated user can exploit a flaw in the DML component to cause denial of service conditions [CVE-2018-2839].
  • A remote authenticated user can exploit a flaw in the Performance Schema component to cause denial of service conditions [CVE-2018-2846].
  • A remote authenticated user can exploit a flaw in the Pluggable Auth component to cause denial of service conditions [CVE-2018-2769].
  • A remote authenticated user can exploit a flaw in the Group Replication GCS component to cause denial of service conditions [CVE-2018-2776].
  • A local user can exploit a flaw in the Connection component to cause denial of service conditions [CVE-2018-2762].
  • A remote authenticated user can exploit a flaw in the Locking component to cause denial of service conditions [CVE-2018-2771].
  • A remote authenticated user can exploit a flaw in the DDL component to partially access data [CVE-2018-2813].

Discovery 2018-04-17
Entry 2018-04-21
mariadb55-server
lt 5.5.60

mariadb100-server
lt 10.0.35

mariadb101-server
lt 10.1.33

mariadb102-server
lt 10.2.15

mysql55-server
lt 5.5.60

mysql56-server
lt 5.6.40

mysql57-server
lt 5.7.22

percona55-server
lt 5.5.60

percona56-server
lt 5.6.40

percona57-server
lt 5.7.22

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
CVE-2018-2755
CVE-2018-2805
CVE-2018-2782
CVE-2018-2784
CVE-2018-2819
CVE-2018-2758
CVE-2018-2817
CVE-2018-2775
CVE-2018-2780
CVE-2018-2761
CVE-2018-2786
CVE-2018-2787
CVE-2018-2812
CVE-2018-2877
CVE-2018-2759
CVE-2018-2766
CVE-2018-2777
CVE-2018-2810
CVE-2018-2818
CVE-2018-2839
CVE-2018-2778
CVE-2018-2779
CVE-2018-2781
CVE-2018-2816
CVE-2018-2846
CVE-2018-2769
CVE-2018-2776
CVE-2018-2762
CVE-2018-2771
CVE-2018-2813
CVE-2018-2773
909be51b-9b3b-11e8-add2-b499baebfeafMySQL -- multiple vulnerabilities

Oracle reports:

Multiple vulnerabilities have been disclosed by Oracle without further detail. CVSS scores 7.1 - 2.7


Discovery 2018-07-17
Entry 2018-08-08
mariadb55-server
lt 5.5.61

mariadb100-server
lt 10.0.36

mariadb101-server
lt 10.1.35

mariadb102-server
lt 10.2.17

mariadb103-server
lt 10.3.9

mysql55-server
lt 5.5.61

mysql56-server
lt 5.6.41

mysql57-server
lt 5.7.23

mysql80-server
lt 8.0.12

percona55-server
lt 5.5.61

percona56-server
lt 5.6.41

percona57-server
lt 5.7.23

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
CVE-2018-3064
CVE-2018-0739
CVE-2018-3070
CVE-2018-3060
CVE-2018-3065
CVE-2018-3073
CVE-2018-3074
CVE-2018-3081
CVE-2018-3071
CVE-2018-3079
CVE-2018-3054
CVE-2018-3077
CVE-2018-3078
CVE-2018-3080
CVE-2018-3061
CVE-2018-3067
CVE-2018-3063
CVE-2018-3075
CVE-2018-3058
CVE-2018-3056
CVE-2018-3066
CVE-2018-2767
CVE-2018-3084
CVE-2018-3082
ec5072b0-d43a-11e8-a6d2-b499baebfeafMySQL -- multiple vulnerabilities

Oracle reports:

Please reference CVE/URL list for details


Discovery 2018-10-16
Entry 2018-10-20
Modified 2018-11-08
mariadb55-server
lt 5.5.62

mariadb100-server
lt 10.0.37

mariadb101-server
lt 10.1.37

mariadb102-server
lt 10.2.19

mariadb103-server
lt 10.3.11

mysql55-server
lt 5.5.62

mysql56-server
lt 5.6.42

mysql57-server
lt 5.7.24

mysql80-server
lt 8.0.13

percona55-server
lt 5.5.62

percona56-server
lt 5.6.42

percona57-server
lt 5.7.24

https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
CVE-2016-9843
CVE-2018-3155
CVE-2018-3143
CVE-2018-3156
CVE-2018-3251
CVE-2018-3182
CVE-2018-3137
CVE-2018-3203
CVE-2018-3133
CVE-2018-3145
CVE-2018-3144
CVE-2018-3185
CVE-2018-3195
CVE-2018-3247
CVE-2018-3187
CVE-2018-3174
CVE-2018-3171
CVE-2018-3277
CVE-2018-3162
CVE-2018-3173
CVE-2018-3200
CVE-2018-3170
CVE-2018-3212
CVE-2018-3280
CVE-2018-3186
CVE-2018-3161
CVE-2018-3278
CVE-2018-3279
CVE-2018-3282
CVE-2018-3284
CVE-2018-3283
CVE-2018-3286