FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
48e83187-b6e9-11e6-b6cf-5453ed2e2b49p7zip -- Null pointer dereference

MITRE reports:

A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams, as used in the 7z.so library and in 7z applications, will cause a crash and a denial of service when decoding malformed 7z files.


Discovery 2016-07-17
Entry 2016-11-30
p7zip
< 15.14_2

CVE-2016-9296
https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/
https://sourceforge.net/p/p7zip/bugs/185/
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9296
942fff11-5ac4-11ec-89ea-c85b76ce9b5ap7zip -- usage of uninitialized memory

NVD reports:

Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.


Discovery 2018-05-02
Entry 2021-12-11
p7zip
< 18.05

CVE-2018-10115
https://nvd.nist.gov/vuln/detail/CVE-2018-10115
6d337396-0e4a-11e8-94c0-5453ed2e2b49p7zip -- heap-based buffer overflow

MITRE reports:

Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.


Discovery 2018-01-23
Entry 2018-02-10
p7zip
< 16.02_1

CVE-2017-17969
https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17969
https://nvd.nist.gov/vuln/detail/CVE-2017-17969
https://marc.info/?l=bugtraq&=151782582216805&=2