FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
0a48e552-e470-11ee-99b3-589cfc0f81b0	amavisd-new -- multipart boundary confusion The Amavis project reports: Emails which consist of multiple parts (`Content-Type: multipart/*`) incorporate boundary information stating at which point one part ends and the next part begins. A boundary is announced by an Content-Type header's `boundary` parameter. To our current knowledge, RFC2046 and RFC2045 do not explicitly specify how a parser should handle multiple boundary parameters that contain conflicting values. As a result, there is no canonical choice which of the values should or should not be used for mime part decomposition. Discovery 2024-03-14 Entry 2024-03-17 amavisd-new < 2.12.3 CVE-2024-28054 https://gitlab.com/amavis/amavis/-/raw/v2.12.3/README_FILES/README.CVE-2024-28054

VuXML ID

Description

0a48e552-e470-11ee-99b3-589cfc0f81b0

amavisd-new -- multipart boundary confusion

The Amavis project reports:

Emails which consist of multiple parts (`Content-Type: multipart/*`) incorporate boundary information stating at which point one part ends and the next part begins.

A boundary is announced by an Content-Type header's `boundary` parameter. To our current knowledge, RFC2046 and RFC2045 do not explicitly specify how a parser should handle multiple boundary parameters that contain conflicting values. As a result, there is no canonical choice which of the values should or should not be used for mime part decomposition.

Discovery 2024-03-14
Entry 2024-03-17
amavisd-new

< 2.12.3

CVE-2024-28054
https://gitlab.com/amavis/amavis/-/raw/v2.12.3/README_FILES/README.CVE-2024-28054