FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-25 08:52:18 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
524bd03a-bb75-11eb-bf35-080027f515ealibxml2 -- Possible denial of service

Daniel Veillard reports:

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.


Discovery 2021-05-18
Entry 2021-05-23
libxml2
< 2.9.10_4

CVE-2021-3541
https://ubuntu.com/security/CVE-2021-3541
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e
0bd7f07b-dc22-11ed-bf28-589cfc0f81b0libxml2 -- multiple vulnerabilities

The libxml2 project reports:

Hashing of empty dict strings isn't deterministic

Fix null deref in xmlSchemaFixupComplexType


Discovery 2023-04-11
Entry 2023-04-16
libxml2
< 2.10.4

CVE-2023-28484
CVE-2023-29469
https://bugzilla.redhat.com/show_bug.cgi?id=2185984
https://bugzilla.redhat.com/show_bug.cgi?id=2185994