FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0a0670a1-3e1a-11ed-b48b-e0d55e2a8bf9expat -- Heap use-after-free vulnerability

Debian Security Advisory reports:

Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.


Discovery 2022-09-14
Entry 2022-09-27
expat
< 2.4.9

CVE-2022-40674
https://www.debian.org/security/2022/dsa-5236
https://nvd.nist.gov/vuln/detail/CVE-2022-40674