FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-24 11:27:39 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
fd538d14-5778-4764-b321-2ddd61a8a58fkeycloak -- Missing server identity checks when sending mails via SMTPS

Red Hat reports:

A vulnerability was found in Apache Sling Commons Messaging Mail(angus-mail), which provides a simple interface for sending emails via SMTPS in OSGi, does not offer an option to enable server identity checks, leaving connections vulnerable to "man-in-the-middle" attacks and can allow insecure email communication.


Discovery 2024-10-01
Entry 2024-10-31
keycloak
< 26.0.4

CVE-2021-44549
https://www.cve.org/CVERecord?id=CVE-2021-44549
7d7a28cd-7f5a-450a-852f-c49aaab3fa7ekeycloak -- Multiple security fixes

Keycloak reports:

This update includes 5 security fixes:

  • CVE-2024-10451: Sensitive Data Exposure in Keycloak Build Process
  • CVE-2024-10270: Potential Denial of Service
  • CVE-2024-10492: Keycloak path trasversal
  • CVE-2024-9666: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability
  • CVE-2024-10039: Bypassing mTLS validation

Discovery 2024-11-22
Entry 2024-11-25
keycloak
< 26.0.6

CVE-2021-9666
CVE-2021-10039
CVE-2021-10270
CVE-2021-10451
CVE-2021-10492