FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-01 00:46:00 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3e917407-4b3f-11ef-8e49-001999f8d30b	Mailpit -- Content Security Policy XSS Mailpit developer reports: A vulnerability was discovered which allowed a bad actor with SMTP access to Mailpit to bypass the Content Security Policy headers using a series of crafted HTML messages which could result in a stored XSS attack via the web UI. Discovery 2024-07-26 Entry 2024-07-26 mailpit < 1.19.3 https://github.com/axllent/mailpit/releases/tag/v1.19.3
732282a5-5a10-11ee-bca0-001999f8d30b	Mailpit affected by vulnerability in included go markdown module Mailpit author reports: Update Go modules to address CVE-2023-42821 (go markdown module DoS). Discovery 2023-09-23 Entry 2023-09-23 mailpit < 1.9.1 CVE-2023-42821

VuXML ID

Description

3e917407-4b3f-11ef-8e49-001999f8d30b

Mailpit -- Content Security Policy XSS

Mailpit developer reports:

A vulnerability was discovered which allowed a bad actor with SMTP access to Mailpit to bypass the Content Security Policy headers using a series of crafted HTML messages which could result in a stored XSS attack via the web UI.

Discovery 2024-07-26
Entry 2024-07-26
mailpit

< 1.19.3

https://github.com/axllent/mailpit/releases/tag/v1.19.3

732282a5-5a10-11ee-bca0-001999f8d30b

Mailpit affected by vulnerability in included go markdown module

Mailpit author reports:

Update Go modules to address CVE-2023-42821 (go markdown module DoS).

Discovery 2023-09-23
Entry 2023-09-23
mailpit

< 1.9.1

CVE-2023-42821