FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-18 00:09:58 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
efd03116-c2a9-11ea-82bc-b42e99a1b9c3	webkit2-gtk3 -- multible vulnerabilities The WebKitGTK project reports vulnerabilities: CVE-2020-9802: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9803: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9805: Processing maliciously crafted web content may lead to universal cross site scripting. CVE-2020-9806: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9807: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9843: Processing maliciously crafted web content may lead to a cross site scripting attack. CVE-2020-9850: A remote attacker may be able to cause arbitrary code execution. CVE-2020-13753: CLONE_NEWUSER could potentially be used to confuse xdg- desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminalâs input buffer. Discovery 2020-07-10 Entry 2020-07-10 webkit2-gtk3 < 2.28.3 https://webkitgtk.org/security/WSA-2020-0006.html CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-13753
576aa394-1d85-11ec-8b7d-4f5b624574e2	webkit2-gtk3 -- multiple vulnerabilities The WebKitGTK project reports vulnerabilities: CVE-2021-30858: Processing maliciously crafted web content may lead to arbitrary code execution. Discovery 2021-09-20 Entry 2021-09-24 webkit2-gtk3 < 2.32.4 CVE-2021-30858 https://webkitgtk.org/security/WSA-2021-0005.html

VuXML ID

Description

efd03116-c2a9-11ea-82bc-b42e99a1b9c3

webkit2-gtk3 -- multible vulnerabilities

The WebKitGTK project reports vulnerabilities:

CVE-2020-9802: Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2020-9803: Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2020-9805: Processing maliciously crafted web content may lead to universal cross site scripting.

CVE-2020-9806: Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2020-9807: Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2020-9843: Processing maliciously crafted web content may lead to a cross site scripting attack.

CVE-2020-9850: A remote attacker may be able to cause arbitrary code execution.

CVE-2020-13753: CLONE_NEWUSER could potentially be used to confuse xdg- desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminalâs input buffer.

Discovery 2020-07-10
Entry 2020-07-10
webkit2-gtk3

< 2.28.3

https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9802
CVE-2020-9803
CVE-2020-9805
CVE-2020-9806
CVE-2020-9807
CVE-2020-9843
CVE-2020-9850
CVE-2020-13753

576aa394-1d85-11ec-8b7d-4f5b624574e2

webkit2-gtk3 -- multiple vulnerabilities

The WebKitGTK project reports vulnerabilities:

CVE-2021-30858: Processing maliciously crafted web content may lead to arbitrary code execution.

Discovery 2021-09-20
Entry 2021-09-24
webkit2-gtk3

< 2.32.4

CVE-2021-30858
https://webkitgtk.org/security/WSA-2021-0005.html