This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-15 02:04:10 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
0ba61fcc-3b38-11eb-af2a-080027dbe4b7 | glpi -- SQL Injection in Search API MITRE Corporation reports:
Discovery 2020-06-25 Entry 2020-06-25 Modified 2024-04-25 glpi ge 9.1,1 lt 9.5.2,1 https://github.com/glpi-project/glpi/commit/3dc4475c56b241ad659cc5c7cb5fb65727409cf0 https://github.com/glpi-project/glpi/security/advisories/GHSA-jwpv-7m4h-5gvc CVE-2020-15226 |
b64edef7-3b10-11eb-af2a-080027dbe4b7 | glpi -- weak csrf tokens MITRE Corporation reports:
Discovery 2020-03-30 Entry 2020-03-30 Modified 2024-04-25 glpi ge 0.83.3,1 lt 9.4.6,1 https://github.com/glpi-project/glpi/security/advisories/GHSA-w7q8-58qp-vmpf https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WQMONZRWLWOXMHMYWR7A5Q5JJERPMVC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q4BG2UTINBVV7MTJRXKBQ26GV2UINA6L/ CVE-2020-11035 |
7f163c81-3b12-11eb-af2a-080027dbe4b7 | glpi -- SQL injection for all usages of "Clone" feature MITRE Corporation reports:
Discovery 2020-06-25 Entry 2020-06-25 Modified 2024-04-25 glpi ge 9.5.0,1 lt 9.5.1,1 https://github.com/glpi-project/glpi/security/advisories/GHSA-qv6w-68gq-wx2v https://github.com/glpi-project/glpi/commit/a4baa64114eb92fd2adf6056a36e0582324414ba https://github.com/glpi-project/glpi/pull/6684 CVE-2020-15108 |
09eef008-3b16-11eb-af2a-080027dbe4b7 | glpi -- Unauthenticated Stored XSS MITRE Corporation reports:
Discovery 2020-06-25 Entry 2020-06-25 Modified 2024-04-25 glpi < 9.5.2,1 https://github.com/glpi-project/glpi/commit/a8109d4ee970a222faf48cf48fae2d2f06465796 https://github.com/glpi-project/glpi/security/advisories/GHSA-prvh-9m4h-4m79 CVE-2020-15177 |
6a467439-3b38-11eb-af2a-080027dbe4b7 | glpi -- Any CalDAV calendars is read-only for every authenticated user MITRE Corporation reports:
Discovery 2020-10-01 Entry 2020-10-01 Modified 2024-04-25 glpi ge 9.5.0,1 lt 9.5.3,1 https://github.com/glpi-project/glpi/security/advisories/GHSA-qmw3-87hr-5wgx https://github.com/glpi-project/glpi/commit/527280358ec78988ac57e9809d2eb21fcd74caf7 https://github.com/glpi-project/glpi/releases/tag/9.5.3 CVE-2020-26212 |
07aecafa-3b12-11eb-af2a-080027dbe4b7 | glpi -- Reflexive XSS in Dropdown menus MITRE Corporation reports:
Discovery 2020-03-30 Entry 2020-03-30 Modified 2024-04-25 glpi < 9.4.6,1 https://github.com/glpi-project/glpi/security/advisories/GHSA-3xxh-f5p2-jg3h https://github.com/glpi-project/glpi/commit/5e1c52c5e8a30ceb4e9572964da7ed89ddfb1aaf CVE-2020-11062 |
5acd95db-3b16-11eb-af2a-080027dbe4b7 | glpi -- leakage issue with knowledge base MITRE Corporation reports:
Discovery 2020-06-25 Entry 2020-06-25 Modified 2024-04-25 glpi ge 9.5.0,1 lt 9.5.2,1 https://github.com/glpi-project/glpi/commit/39e25591efddc560e3679ab07e443ee6198705e2 https://github.com/glpi-project/glpi/security/advisories/GHSA-x9hg-j29f-wvvv CVE-2020-15217 |
675e5098-3b15-11eb-af2a-080027dbe4b7 | glpi -- Unauthenticated File Deletion MITRE Corporation reports:
Discovery 2020-06-25 Entry 2020-06-25 Modified 2024-04-25 glpi < 9.5.2,1 https://github.com/glpi-project/glpi/security/advisories/GHSA-rm52-jx9h-rwcp https://github.com/glpi-project/glpi/commit/6ca9a0e77299a755c356d758344a23278df67f65 CVE-2020-15175 |
aec9cbe0-3b0f-11eb-af2a-080027dbe4b7 | glpi -- able to read any token through API user endpoint MITRE Corporation reports:
Discovery 2020-03-30 Entry 2020-03-30 Modified 2024-04-25 glpi ge 9.1,1 lt 9.4.6,1 https://github.com/glpi-project/glpi/security/advisories/GHSA-rf54-3r4w-4h55 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WQMONZRWLWOXMHMYWR7A5Q5JJERPMVC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q4BG2UTINBVV7MTJRXKBQ26GV2UINA6L/ CVE-2020-11033 |
b7abdb0f-3b15-11eb-af2a-080027dbe4b7 | glpi -- Multiple SQL Injections Stemming From isNameQuoted() MITRE Corporation reports:
Discovery 2020-06-25 Entry 2020-06-25 Modified 2024-04-25 glpi < 9.5.2,1 https://github.com/glpi-project/glpi/commit/f021f1f365b4acea5066d3e57c6d22658cf32575 https://github.com/glpi-project/glpi/security/advisories/GHSA-x93w-64x9-58qw CVE-2020-15176 |