FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 12:04:33 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
75aae50b-9e3c-11eb-9bc3-8c164582fbacAccountsService -- Insufficient path check in user_change_icon_file_authorized_cb()

NVD reports:

Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.


Discovery 2018-07-13
Entry 2021-04-15
accountsservice
< 0.6.50

http://www.openwall.com/lists/oss-security/2018/07/02/2
https://nvd.nist.gov/vuln/detail/CVE-2018-14036
https://www.securityfocus.com/bid/104757
https://bugs.freedesktop.org/show_bug.cgi?id=107085
https://bugzilla.suse.com/show_bug.cgi?id=1099699
https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a
CVE-2018-14036