FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 06:34:59 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ffe2d86c-07d9-11e5-9a28-001e67150279rest-client -- plaintext password disclosure

The open sourced vulnerability database reports:

REST Client for Ruby contains a flaw that is due to the application logging password information in plaintext. This may allow a local attacker to gain access to password information.


Discovery 2015-01-12
Entry 2015-05-31
Modified 2015-09-28
rubygem-rest-client
< 1.6.7_1

CVE-2015-3448
ports/200504
https://github.com/rest-client/rest-client/issues/349
http://osvdb.org/show/osvdb/117461
83a7a720-07d8-11e5-9a28-001e67150279rest-client -- session fixation vulnerability

Andy Brody reports:

When Ruby rest-client processes an HTTP redirection response, it blindly passes along the values from any Set-Cookie headers to the redirection target, regardless of domain, path, or expiration.


Discovery 2015-03-24
Entry 2015-05-31
Modified 2015-09-28
rubygem-rest-client
< 1.6.7_1

CVE-2015-1820
ports/200504
https://github.com/rest-client/rest-client/issues/369