FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2025-09-04 07:16:14 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|
| eb03714d-79f0-11f0-b4c1-ac5afc632ba3 | nginx -- worker process memory disclosure
F5 reports:
NGINX Open Source and NGINX Plus have a vulnerability in the
ngx_mail_smtp_module that might allow an unauthenticated attacker to
over-read NGINX SMTP authentication process memory; as a result, the
server side may leak arbitrary bytes sent in a request to the
authentication server. This issue happens during the NGINX SMTP
authentication process and requires the attacker to make preparations
against the target system to extract the leaked data. The issue
affects NGINX only if (1) it is built with the ngx_mail_smtp_module,
(2) the smtp_auth directive is configured with method "none,"
and (3) the authentication server returns the "Auth-Wait" response
header.
Discovery 2025-08-13
Entry 2025-08-15
nginx-devel
< 1.29.1
CVE-2025-53859
https://www.cve.org/CVERecord?id=CVE-2025-53859
|
| 9761af78-e3e4-11ef-9f4a-589cfc10a551 | nginx-devel -- SSL session reuse vulnerability
The nginx development team reports:
This update fixes the SSL session reuse vulnerability.
Discovery 2025-02-05
Entry 2025-02-05
nginx-devel
< 1.27.4
nginx
< 1.26.3
CVE-2025-23419
|