FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
094e4a5b-6511-11ed-8c5e-206a8a720317	krb5 -- Integer overflow vulnerabilities in PAC parsing MITKRB5-SA-2022-001 Vulnerabilities in PAC parsing: Due to an integer overflow vulnerabilities in PAC parsing An authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. On 32-bit platforms an authenticated attacker may be able to cause heap corruption resulting in an RCE. Discovery 2022-11-05 Entry 2022-11-15 krb5 < 1.19.3_1 gt 1.20 lt 1.20_1 krb5-120 < 1.20_1 krb5-119 < 1.19.3_1 krb5-devel < 1.20.2022.11.03 CVE-2022-42898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42898

VuXML ID

Description

094e4a5b-6511-11ed-8c5e-206a8a720317

krb5 -- Integer overflow vulnerabilities in PAC parsing

MITKRB5-SA-2022-001 Vulnerabilities in PAC parsing:

Due to an integer overflow vulnerabilities in PAC parsing An authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service.

On 32-bit platforms an authenticated attacker may be able to cause heap corruption resulting in an RCE.

Discovery 2022-11-05
Entry 2022-11-15
krb5

< 1.19.3_1

gt 1.20 lt 1.20_1

krb5-120

< 1.20_1

krb5-119

< 1.19.3_1

krb5-devel

< 1.20.2022.11.03

CVE-2022-42898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42898