FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 06:34:59 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0bf816f6-3cfe-11ec-86cd-dca632b19f10advancecomp -- multiple vulnerabilities

Joonun Jang reports:

heap buffer overflow running advzip with "-l poc" option

Running 'advzip -l poc' with the attached file raises heap buffer overflow which may allow a remote attacker to cause unspecified impact including denial-of-service attack. I expected the program to terminate without segfault, but the program crashes as follow. [...]

and other vulnerabilities.


Discovery 2018-07-29
Entry 2021-11-19
advancecomp
< 2.1.6

CVE-2018-1056
CVE-2019-8379
CVE-2019-8383
CVE-2019-9210
b6a84729-6bd0-11ed-8d9a-b42e991fc52eadvancecomp -- Multiple vulnerabilities

GitHub advisories reports:

Multiple vulnerabilities found in advancecomp including:

  • Three segmentation faults.
  • Heap buffer overflow via le_uint32_read at /lib/endianrw.h.
  • Three more heap buffer overflows.

Discovery 2022-08-29
Entry 2022-11-24
advancecomp
< 2.4

CVE-2022-35014
https://nvd.nist.gov/vuln/detail/CVE-2022-35014
CVE-2022-35015
https://nvd.nist.gov/vuln/detail/CVE-2022-35015
CVE-2022-35016
https://nvd.nist.gov/vuln/detail/CVE-2022-35016
CVE-2022-35017
https://nvd.nist.gov/vuln/detail/CVE-2022-35017
CVE-2022-35018
https://nvd.nist.gov/vuln/detail/CVE-2022-35018
CVE-2022-35019
https://nvd.nist.gov/vuln/detail/CVE-2022-35019
CVE-2022-35020
https://nvd.nist.gov/vuln/detail/CVE-2022-35020