FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-14 16:33:59 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a61ef21b-a29e-11ef-af48-6cc21735f730PostgreSQL -- libpq retains an error message from man-in-the-middle

PostgreSQL project reports:

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text.


Discovery 2024-11-14
Entry 2024-11-14
postgresql17-client
< 17.1

postgresql16-client
< 16.5

postgresql15-client
< 15.9

postgresql14-client
< 14.14

postgresql13-client
< 13.17

postgresql12-client
< 12.21

CVE-2024-10977
https://www.postgresql.org/support/security/CVE-2024-10977/