FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 05:42:14 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fd538d14-5778-4764-b321-2ddd61a8a58f	keycloak -- Missing server identity checks when sending mails via SMTPS Red Hat reports: A vulnerability was found in Apache Sling Commons Messaging Mail(angus-mail), which provides a simple interface for sending emails via SMTPS in OSGi, does not offer an option to enable server identity checks, leaving connections vulnerable to "man-in-the-middle" attacks and can allow insecure email communication. Discovery 2024-10-01 Entry 2024-10-31 keycloak < 26.0.4 CVE-2021-44549 https://www.cve.org/CVERecord?id=CVE-2021-44549

VuXML ID

Description

fd538d14-5778-4764-b321-2ddd61a8a58f

keycloak -- Missing server identity checks when sending mails via SMTPS

Red Hat reports:

A vulnerability was found in Apache Sling Commons Messaging Mail(angus-mail), which provides a simple interface for sending emails via SMTPS in OSGi, does not offer an option to enable server identity checks, leaving connections vulnerable to "man-in-the-middle" attacks and can allow insecure email communication.

Discovery 2024-10-01
Entry 2024-10-31
keycloak

< 26.0.4

CVE-2021-44549
https://www.cve.org/CVERecord?id=CVE-2021-44549