This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-09-07 14:16:01 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
d754b7d2-b6a7-11df-826c-e464a695cb21 | wget -- multiple HTTP client download filename vulnerability GNU Wget version 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory. Discovery 2010-06-09 Entry 2010-09-03 wget wget-devel le 1.12_1 CVE-2010-2252 https://bugzilla.redhat.com/show_bug.cgi?id=602797 |
7b5a8e3b-52cc-11e8-8c7a-9c5c8e75236a | wget -- cookie injection vulnerability Harry Sintonen of F-Secure Corporation reports:
Discovery 2018-04-26 Entry 2018-05-08 wget < 1.19.5 https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt CVE-2018-0494 ports/228071 |
479c5b91-b6cc-11e6-a04e-3417eb99b9a0 | wget -- Access List Bypass / Race Condition Dawid Golunski reports:
Discovery 2016-11-24 Entry 2016-11-30 wget le 1.17 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7098 CVE-2016-7098 |
6df56c60-3738-11e6-a671-60a44ce6887b | wget -- HTTP to FTP redirection file name confusion vulnerability Giuseppe Scrivano reports:
Discovery 2016-06-09 Entry 2016-06-21 wget < 1.18 http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html CVE-2016-4971 |
d77ceb8c-bb13-11e7-8357-3065ec6f3643 | wget -- Heap overflow in HTTP protocol handling Antti Levomäki, Christian Jalio, Joonas Pihlaja:
Discovery 2017-10-20 Entry 2017-10-27 wget < 1.19.2 http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba CVE-2017-13090 |
09849e71-bb12-11e7-8357-3065ec6f3643 | wget -- Stack overflow in HTTP protocol handling Antti Levomäki, Christian Jalio, Joonas Pihlaja:
Discovery 2017-10-20 Entry 2017-10-27 wget < 1.19.2 http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f CVE-2017-13089 |
ee7b4f9d-66c8-11e4-9ae1-e8e0b722a85e | wget -- path traversal vulnerability in recursive FTP mode MITRE reports:
Discovery 2014-10-27 Entry 2014-11-08 wget < 1.16 CVE-2014-4877 685996 |