FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-02 08:34:31 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
851ce3e4-8b03-11ef-84e9-901b0e9408dc	element-web -- Potential exposure of access token via authenticated media Element team reports: Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involving malicious widgets, but other vectors may exist. Users are strongly advised to upgrade to version 1.11.81 to remediate the issue. Discovery 2024-10-15 Entry 2024-10-15 element-web >= 1.11.70 lt 1.11.81 CVE-2024-47779 https://github.com/element-hq/element-web/security/advisories/GHSA-3jm3-x98c-r34x

VuXML ID

Description

851ce3e4-8b03-11ef-84e9-901b0e9408dc

element-web -- Potential exposure of access token via authenticated media

Element team reports:

Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involving malicious widgets, but other vectors may exist. Users are strongly advised to upgrade to version 1.11.81 to remediate the issue.

Discovery 2024-10-15
Entry 2024-10-15
element-web

>= 1.11.70 lt 1.11.81

CVE-2024-47779
https://github.com/element-hq/element-web/security/advisories/GHSA-3jm3-x98c-r34x