FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
0309c898-3aed-11eb-af2a-080027dbe4b7	glpi -- Improve encryption algorithm MITRE Corporation reports: In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library chosen is sodium. Discovery 2020-03-30 Entry 2020-03-30 Modified 2024-04-25 glpi < 9.5.0,1 https://github.com/glpi-project/glpi/security/advisories/GHSA-7xwm-4vjr-jvqh https://github.com/glpi-project/glpi/commit/f1ae6c8481e5c19a6f1801a5548cada45702e01a#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780 https://github.com/glpi-project/glpi/commit/f1ae6c8481e5c19a6f1801a5548cada45702e01a#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780 CVE-2020-11031

VuXML ID

Description

0309c898-3aed-11eb-af2a-080027dbe4b7

glpi -- Improve encryption algorithm

MITRE Corporation reports:

In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library chosen is sodium.

Discovery 2020-03-30
Entry 2020-03-30
Modified 2024-04-25
glpi

< 9.5.0,1

https://github.com/glpi-project/glpi/security/advisories/GHSA-7xwm-4vjr-jvqh
https://github.com/glpi-project/glpi/commit/f1ae6c8481e5c19a6f1801a5548cada45702e01a#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780
https://github.com/glpi-project/glpi/commit/f1ae6c8481e5c19a6f1801a5548cada45702e01a#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780
CVE-2020-11031