FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-01 00:46:00 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2bab995f-36d4-11ea-9dad-002590acae31	Template::Toolkit -- Directory traversal on write Art Manion and Will Dormann report: By using an older and less-secure form of open(), it is possible for untrusted template files to cause reads/writes outside of the template directories. This vulnerability is a component of the recent Citrix exploit. Discovery 2019-12-13 Entry 2020-01-14 p5-Template-Toolkit < 3.004 https://www.kb.cert.org/vuls/id/619785/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781 CVE-2019-19781

VuXML ID

Description

2bab995f-36d4-11ea-9dad-002590acae31

Template::Toolkit -- Directory traversal on write

Art Manion and Will Dormann report:

By using an older and less-secure form of open(), it is possible for untrusted template files to cause reads/writes outside of the template directories. This vulnerability is a component of the recent Citrix exploit.

Discovery 2019-12-13
Entry 2020-01-14
p5-Template-Toolkit

< 3.004

https://www.kb.cert.org/vuls/id/619785/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781
CVE-2019-19781