This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-06-28 22:18:41 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
21a854cc-cac1-11ee-b7a7-353f1e043d9a | DNSSEC validators -- denial-of-service/CPU exhaustion from KeyTrap and NSEC3 vulnerabilities Simon Kelley reports:
Stichting NLnet Labs reports:
Discovery 2024-02-06 Entry 2024-02-13 Modified 2024-04-01 bind916 < 9.16.48 bind918 < 9.18.24 bind9-devel < 9.19.21 dnsmasq < 2.90 dnsmasq-devel < 2.90 powerdns-recursor < 5.0.2 unbound < 1.19.1 FreeBSD ge 14.0 lt 14.0_6 ge 13.2 lt 13.2_11 CVE-2023-50387 CVE-2023-50868 https://kb.isc.org/docs/cve-2023-50387 https://kb.isc.org/docs/cve-2023-50868 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html https://blog.powerdns.com/2024/02/13/powerdns-recursor-4-8-6-4-9-3-5-0-2-released https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/ SA-24:03.unbound |
37569eb7-0125-11e5-9d98-080027ef73ec | dnsmasq -- data exposure and denial of service Nick Sampanis reported a potential memory exposure and denial of service vulnerability against dnsmasq 2.72. The CVE entry summarizes this as:
Discovery 2015-04-07 Entry 2015-05-23 dnsmasq < 2.72_1 dnsmasq-devel < 2.73rc4 http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html CVE-2015-3294 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8 |
3f321a5a-b33b-11ec-80c2-1bb2c6a00592 | dnsmasq -- heap use-after-free in dhcp6_no_relay Petr Menà ¡ÃÂk reports:
Discovery 2022-03-31 Entry 2022-04-03 dnsmasq < 2.86_4,1 dnsmasq-devel < 2.86_4,1 CVE-2022-0934 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html |
5b5cf6e5-5b51-11eb-95ac-7f9491278677 | dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities Simon Kelley reports:
Discovery 2020-09-16 Entry 2021-01-20 dnsmasq < 2.83 dnsmasq-devel < 2.83 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014599.html https://www.jsof-tech.com/disclosures/dnspooq/ CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25687 |
5b72b1ff-877c-11eb-bd4f-2f1d57dafe46 | dnsmasq -- cache poisoning vulnerability in certain configurations Simon Kelley reports:
This only affects configurations of the form server=1.1.1.1@em0 or server=1.1.1.1@192.0.2.1, i. e. those that specify an interface to send through, or an IP address to send from, or use together with NetworkManager. Discovery 2021-03-17 Entry 2021-03-18 dnsmasq < 2.85.r1,1 dnsmasq-devel < 2.85.r1,3 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014835.html CVE-2021-3448 |
7927165a-0126-11e5-9d98-080027ef73ec | dnsmasq -- remotely exploitable buffer overflow in release candidate Simon Kelley reports:
(Corrections from second URL.) Discovery 2015-05-15 Entry 2015-05-23 dnsmasq-devel ge 2.73rc6 lt 2.73rc8 http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009529.html http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009535.html |
875e4cf8-3f0e-11e6-b3c8-14dae9d210b8 | dnsmasq -- denial of service reports:
Discovery 2016-04-18 Entry 2016-06-30 Modified 2016-06-30 dnsmasq < 2.76,1 dnsmasq-devel < 2.76.0test1 http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html http://www.openwall.com/lists/oss-security/2016/06/03/7 CVE-2015-8899 |
b77b5646-a778-11e7-ac58-b499baebfeaf | dnsmasq -- multiple vulnerabilities Google Project Zero reports:
Discovery 2017-10-02 Entry 2017-10-02 dnsmasq < 2.78,1 dnsmasq-devel < 2.78 https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 CVE-2017-13704 |