FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-13 20:06:50 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
c89a3ebb-ae07-11dd-b4b2-001f3c8eabebtrac -- potential DOS vulnerability

Trac development team reports:

0.11.2 is a new stable maintenance release. It contains several security fixes and everyone is recommended to upgrade their installations.

Bug fixes:

Fixes potential DOS vulnerability with certain wiki markup.


Discovery 2008-11-08
Entry 2008-11-09
trac
< 0.11.2

ja-trac
< 0.11.2

http://groups.google.com/group/trac-announce/browse_thread/thread/67f7a22ec818d97d
e546c7ce-ce46-11db-bc24-0016179b2dd5trac -- cross site scripting vulnerability

Secunia reports:

The vulnerability is caused due to an error within the "download wiki page as text" function, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation may require that the victim uses IE.


Discovery 2007-03-09
Entry 2007-03-09
trac
< 0.10.3

ja-trac
< 0.10.3_1

http://secunia.com/advisories/24470
http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1