FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2eec1e85-faf3-11ea-8ac0-4437e6ad11c4tt-rss -- multiple vulnerabilities

tt-rss project reports:

The cached_url feature mishandles JavaScript inside an SVG document.

imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.

It does not validate all URLs before requesting them.

Allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.


Discovery 2020-09-15
Entry 2020-09-20
tt-rss
lt g20200919

https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799
https://community.tt-rss.org/t/replace-php-gettext/2889
CVE-2020-25789
CVE-2020-25788
CVE-2020-25787
CVE-2016-6175