FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
43e9ffd4-d6e0-11ed-956f-7054d21a9e2a	py39-pycares -- domain hijacking vulnerability Philipp Jeitner and Haya Shulman report: A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability. Discovery 2021-06-11 Entry 2023-04-09 py39-pycares < 4.2.0 CVE-2021-3672 https://osv.dev/vulnerability/GHSA-c58j-88f5-h53f

VuXML ID

Description

43e9ffd4-d6e0-11ed-956f-7054d21a9e2a

py39-pycares -- domain hijacking vulnerability

Philipp Jeitner and Haya Shulman report:

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking.

The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

Discovery 2021-06-11
Entry 2023-04-09
py39-pycares

< 4.2.0

CVE-2021-3672
https://osv.dev/vulnerability/GHSA-c58j-88f5-h53f