FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
06a12e26-142e-11e0-bea2-0015f2db7bdewebkit-gtk2 -- Multiple vulnerabilities

Gustavo Noronha Silva reports:

The patches to fix the following CVEs are included with help from Huzaifa Sidhpurwala from the Red Hat security team.


Discovery 2010-12-28
Entry 2010-12-30
webkit-gtk2
< 1.2.6

CVE-2010-1791
CVE-2010-3812
CVE-2010-3813
CVE-2010-4197
CVE-2010-4198
CVE-2010-4204
CVE-2010-4206
CVE-2010-4577
http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS
35ecdcbe-3501-11e0-afcd-0015f2db7bdewebkit-gtk2 -- Multiple vurnabilities.

Gustavo Noronha Silva reports:

This release has essentially security fixes. Refer to the WebKit/gtk/NEWS file inside the tarball for details. We would like to thank the Red Hat security team (Huzaifa Sidhpurwala in particular) and Michael Gilbert from Debian for their help in checking (and pushing!) security issues affecting the WebKitGTK+ stable branch for this release.


Discovery 2011-02-08
Entry 2011-02-10
webkit-gtk2
< 1.2.7

CVE-2010-4492
CVE-2010-2901
CVE-2010-4040
CVE-2010-4042
CVE-2010-4199
CVE-2010-4493
CVE-2010-4578
CVE-2011-0482
CVE-2011-0778
https://bugs.webkit.org/show_bug.cgi?id=48328
https://bugs.webkit.org/show_bug.cgi?id=50710
https://bugs.webkit.org/show_bug.cgi?id=50840
https://bugs.webkit.org/show_bug.cgi?id=50932
https://bugs.webkit.org/show_bug.cgi?id=51993
https://bugs.webkit.org/show_bug.cgi?id=53265
https://bugs.webkit.org/show_bug.cgi?id=53276
http://permalink.gmane.org/gmane.os.opendarwin.webkit.gtk/405
e9ccdb28-9802-11e4-9d9c-bcaec565249cWebKit-gtk -- Multiple vulnerabilities

Webkit release team reports:

This release fixes the following security issues: CVE-2014-1344, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390.


Discovery 2015-01-07
Entry 2015-01-09
webkit-gtk2
< 1.4.8

webkit-gtk3
< 1.4.8

http://webkitgtk.org/2015/01/07/webkitgtk2.4.8-released.html
CVE-2014-1344
CVE-2014-1384
CVE-2014-1385
CVE-2014-1386
CVE-2014-1387
CVE-2014-1388
CVE-2014-1389
CVE-2014-1390
1091d2d1-cb2e-11e5-b14b-bcaec565249cwebkit -- UI spoof

webkit reports:

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.


Discovery 2015-12-28
Entry 2016-02-04
webkit-gtk2
webkit-gtk3
< 2.4.9_1

CVE-2014-1748
http://webkitgtk.org/security/WSA-2015-0002.html
e3aacd6d-3d01-434c-9330-bc9efd40350fwebkit-gtk -- Multiple vulnerabilities

The Webkitgtk project reports:

CVE-2019-6212 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6215 - Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling.

CVE-2019-6216 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6217 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6226 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6227 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.

CVE-2019-6229 - Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved validation.

CVE-2019-6233 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.

CVE-2019-6234 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.


Discovery 2019-02-08
Entry 2019-02-24
webkit2-gtk3
< 2.22.6

webkit-gtk2
webkit-gtk3
ge 0

https://webkitgtk.org/security/WSA-2019-0001.html
CVE-2019-6212
CVE-2019-6215
CVE-2019-6216
CVE-2019-6217
CVE-2019-6226
CVE-2019-6227
CVE-2019-6229
CVE-2019-6233
CVE-2019-6234