FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-30 20:33:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
704aa72a-d840-11ef-a205-901b0e9408dc	go -- multiple vulnerabilities The Go project reports: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. net/http: sensitive headers incorrectly sent after cross-domain redirect The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. Discovery 2025-01-07 Entry 2025-01-21 go122 < 1.22.11 go123 < 1.23.5 CVE-2024-45341 CVE-2024-45336 https://go.dev/issue/71156 https://go.dev/issue/70530

VuXML ID

Description

704aa72a-d840-11ef-a205-901b0e9408dc

go -- multiple vulnerabilities

The Go project reports:

crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain.

net/http: sensitive headers incorrectly sent after cross-domain redirect

The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com.

Discovery 2025-01-07
Entry 2025-01-21
go122

< 1.22.11

go123

< 1.23.5

CVE-2024-45341
CVE-2024-45336
https://go.dev/issue/71156
https://go.dev/issue/70530