This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
3d0eeef8-0cf9-11e8-99b0-d017c2987f9a | Mailman -- Cross-site scripting (XSS) vulnerability in the web UI Mark Sapiro reports:
Discovery 2018-01-20 Entry 2018-02-08 mailman < 2.1.26 mailman-with-htdig < 2.1.26 ja-mailman le 2.1.14.j7_3,1 https://www.mail-archive.com/mailman-users@python.org/msg70478.html CVE-2018-5950 |
739948e3-78bf-11e8-b23c-080027ac955c | mailman -- hardening against malicious listowners injecting evil HTML scripts Mark Sapiro reports:
Discovery 2018-03-09 Entry 2018-06-25 mailman < 2.1.27 mailman-with-htdig < 2.1.27 ja-mailman < 2.1.14.j7_5,1 https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS#L8 https://www.mail-archive.com/mailman-users@python.org/ CVE-2018-0618 |
8be2e304-cce6-11da-a3b1-00123ffe8333 | mailman -- Private Archive Script Cross-Site Scripting Secunia reports:
Discovery 2006-04-07 Entry 2006-04-16 mailman ja-mailman mailman-with-htdig < 2.1.8 CVE-2006-1712 http://mail.python.org/pipermail/mailman-announce/2006-April/000084.html http://secunia.com/advisories/19558/ |
a5f160fa-deee-11e4-99f8-080027ef73ec | mailman -- path traversal vulnerability Mark Sapiro reports:
Discovery 2015-03-27 Entry 2015-04-09 Modified 2015-06-17 mailman < 2.1.20 mailman-with-htdig < 2.1.20 ja-mailman < 2.1.14.j7_2,1 https://mail.python.org/pipermail/mailman-announce/2015-March/000209.html https://bugs.launchpad.net/mailman/+bug/1437145 CVE-2015-2775 |
ad9d2518-3471-4737-b60b-9a1f51023b28 | mailman -- password disclosure Barry Warsaw reports:
Discovery 2004-05-15 Entry 2005-06-01 mailman ja-mailman < 2.1.5 CVE-2004-0412 http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html |
b3cd00f7-c0c5-452d-87bc-086c5635333e | mailman -- generated passwords are poor quality Florian Weimer wrote:
Discovery 2004-12-15 Entry 2005-06-01 mailman ja-mailman < 2.1.6 CVE-2004-1143 http://mail.python.org/pipermail/mailman-developers/2004-December/017553.html http://mail.python.org/pipermail/mailman-developers/attachments/20041215/be238297/attachment.mht |
b4f0ad36-94a5-11e8-9007-080027ac955c | mailman -- content spoofing with invalid list names in web UI Mark Sapiro reports:
Discovery 2018-07-09 Entry 2018-07-31 mailman < 2.1.28 mailman-with-htdig < 2.1.28 ja-mailman < 2.1.14.j7_6,1 https://bugs.launchpad.net/mailman/+bug/1780874 https://mail.python.org/pipermail/mailman-announce/2018-July/000241.html CVE-2018-13796 |
c7ccc33f-7d31-11d9-a9e7-0001020eed82 | mailman -- directory traversal vulnerability A directory traversal vulnerability in mailman allow remote attackers to read arbitrary files due to inadequate input sanitizing. This could, among other things, lead remote attackers to gaining access to the mailman configuration database (which contains subscriber email addresses and passwords) or to the mail archives for private lists. Discovery 2005-01-02 Entry 2005-02-12 mailman ja-mailman < 2.1.5_2 CVE-2005-0202 http://marc.theaimsgroup.com/?l=full-disclosure&m=110797575304304 |
f47f2746-12c5-11dd-bab7-0016179b2dd5 | mailman -- script insertion vulnerability Secunia reports:
Discovery 2008-02-05 Entry 2008-04-25 ja-mailman mailman mailman-with-htdig < 2.1.10 CVE-2008-0564 27630 http://www.ubuntu.com/usn/usn-586-1 http://secunia.com/advisories/28794 http://sourceforge.net/project/shownotes.php?release_id=593924 |
fffa9257-3c17-11db-86ab-00123ffe8333 | mailman -- Multiple Vulnerabilities Secunia reports:
Discovery 2006-06-09 Entry 2006-09-04 Modified 2006-10-04 mailman ja-mailman mailman-with-htdig < 2.1.9.r1 19831 CVE-2006-2191 CVE-2006-2941 CVE-2006-3636 CVE-2006-4624 http://secunia.com/advisories/21732/ http://sourceforge.net/project/shownotes.php?group_id=103&release_id=444295 |