FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
036d6c38-1c5b-11e6-b9e0-20cf30e32f6dBugzilla security issues

Bugzilla Security Advisory

A specially crafted bug summary could trigger XSS in dependency graphs. Due to an incorrect parsing of the image map generated by the dot script, a specially crafted bug summary could trigger XSS in dependency graphs.


Discovery 2016-03-03
Entry 2016-05-17
bugzilla44
< 4.4.12

bugzilla50
< 5.0.3

CVE-2016-2803
https://bugzilla.mozilla.org/show_bug.cgi?id=1253263
22283b8c-13c5-11e8-a861-20cf30e32f6dBugzilla security issues

Bugzilla Security Advisory

A CSRF vulnerability in report.cgi would allow a third-party site to extract confidential information from a bug the victim had access to.


Discovery 2018-02-16
Entry 2018-02-16
bugzilla44
< 4.4.13

bugzilla50
< 5.0.4

CVE-2018-5123
https://bugzilla.mozilla.org/show_bug.cgi?id=1433400
54075861-a95a-11e5-8b40-20cf30e32f6dBugzilla security issues

Bugzilla Security Advisory

During the generation of a dependency graph, the code for the HTML image map is generated locally if a local dot installation is used. With escaped HTML characters in a bug summary, it is possible to inject unfiltered HTML code in the map file which the CreateImagemap function generates. This could be used for a cross-site scripting attack.

If an external HTML page contains a