FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2eec1e85-faf3-11ea-8ac0-4437e6ad11c4tt-rss -- multiple vulnerabilities

tt-rss project reports:

The cached_url feature mishandles JavaScript inside an SVG document.

imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.

It does not validate all URLs before requesting them.

Allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.


Discovery 2020-09-15
Entry 2020-09-20
tt-rss
< g20200919

https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799
https://community.tt-rss.org/t/replace-php-gettext/2889
CVE-2020-25789
CVE-2020-25788
CVE-2020-25787
CVE-2016-6175