FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-16 19:33:48 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
efd03116-c2a9-11ea-82bc-b42e99a1b9c3 | webkit2-gtk3 -- multible vulnerabilities
The WebKitGTK project reports vulnerabilities:
- CVE-2020-9802: Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2020-9803: Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2020-9805: Processing maliciously crafted web content may lead to universal cross site scripting.
- CVE-2020-9806: Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2020-9807: Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2020-9843: Processing maliciously crafted web content may lead to a cross site scripting attack.
- CVE-2020-9850: A remote attacker may be able to cause arbitrary code execution.
- CVE-2020-13753: CLONE_NEWUSER could potentially be used to confuse xdg- desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminalâs input buffer.
Discovery 2020-07-10 Entry 2020-07-10 webkit2-gtk3
< 2.28.3
https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9802
CVE-2020-9803
CVE-2020-9805
CVE-2020-9806
CVE-2020-9807
CVE-2020-9843
CVE-2020-9850
CVE-2020-13753
|
e418b8f0-9abb-420b-a7f1-1d8231b352e2 | webkit2-gtk3 -- Denial of service
The WebKitGTK project reports the following vulnerability.
Processing maliciously crafted web content may lead to arbitrary code execution or application crash (denial of service). Description: A memory corruption issue (use-after-free) was addressed with improved memory handling.
Discovery 2020-04-16 Entry 2020-04-18 webkit2-gtk3
< 2.28.1
https://webkitgtk.org/security/WSA-2020-0004.html
CVE-2020-11793
|
576aa394-1d85-11ec-8b7d-4f5b624574e2 | webkit2-gtk3 -- multiple vulnerabilities
The WebKitGTK project reports vulnerabilities:
- CVE-2021-30858: Processing maliciously crafted web content may lead to arbitrary code execution.
Discovery 2021-09-20 Entry 2021-09-24 webkit2-gtk3
< 2.32.4
CVE-2021-30858
https://webkitgtk.org/security/WSA-2021-0005.html
|