FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-14 16:33:59 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a03636f4-a29f-11ef-af48-6cc21735f730	PostgreSQL -- PL/Perl environment variable changes execute arbitrary code PostgreSQL project reports: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Discovery 2024-11-14 Entry 2024-11-14 postgresql17-plperl < 17.1 postgresql16-plperl < 16.5 postgresql15-plperl < 15.9 postgresql14-plperl < 14.14 postgresql13-plperl < 13.17 postgresql12-plperl < 12.21 CVE-2024-10979 https://www.postgresql.org/support/security/CVE-2024-10979/

VuXML ID

Description

a03636f4-a29f-11ef-af48-6cc21735f730

PostgreSQL -- PL/Perl environment variable changes execute arbitrary code

PostgreSQL project reports:

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user.

Discovery 2024-11-14
Entry 2024-11-14
postgresql17-plperl

< 17.1

postgresql16-plperl

< 16.5

postgresql15-plperl

< 15.9

postgresql14-plperl

< 14.14

postgresql13-plperl

< 13.17

postgresql12-plperl

< 12.21

CVE-2024-10979
https://www.postgresql.org/support/security/CVE-2024-10979/