FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-15 08:21:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
57c1c2ee-7914-11ea-90bf-0800276545c1	Squid -- multiple vulnerabilities The Squid developers reports: Improper Input Validation issues in HTTP Request processing (CVE-2020-8449, CVE-2020-8450). Information Disclosure issue in FTP Gateway (CVE-2019-12528). Buffer Overflow issue in ext_lm_group_acl helper (CVE-2020-8517). Discovery 2020-02-10 Entry 2020-04-07 squid < 4.10 http://lists.squid-cache.org/pipermail/squid-announce/2020-February/000107.html https://nvd.nist.gov/vuln/detail/CVE-2020-8449 https://nvd.nist.gov/vuln/detail/CVE-2020-8450 https://nvd.nist.gov/vuln/detail/CVE-2019-12528 https://nvd.nist.gov/vuln/detail/CVE-2020-8517 CVE-2020-8449 CVE-2020-8450 CVE-2019-12528 CVE-2020-8517 ports/244026
f9ada0b5-3d80-11ed-9330-080027f5fec9	squid -- Exposure of sensitive information in cache manager Mikhail Evdokimov (aka konata) reports: Due to inconsistent handling of internal URIs Squid is vulnerable to Exposure of Sensitive Information about clients using the proxy. This problem allows a trusted client to directly access cache manager information bypassing the manager ACL protection. The available cache manager information contains records of internal network structure, client credentials, client identity and client traffic behaviour. Discovery 2022-04-17 Entry 2022-09-26 squid < 5.7 CVE-2022-41317 https://github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq

VuXML ID

Description

57c1c2ee-7914-11ea-90bf-0800276545c1

Squid -- multiple vulnerabilities

The Squid developers reports:

Improper Input Validation issues in HTTP Request processing (CVE-2020-8449, CVE-2020-8450).

Information Disclosure issue in FTP Gateway (CVE-2019-12528).

Buffer Overflow issue in ext_lm_group_acl helper (CVE-2020-8517).

Discovery 2020-02-10
Entry 2020-04-07
squid

< 4.10

http://lists.squid-cache.org/pipermail/squid-announce/2020-February/000107.html
https://nvd.nist.gov/vuln/detail/CVE-2020-8449
https://nvd.nist.gov/vuln/detail/CVE-2020-8450
https://nvd.nist.gov/vuln/detail/CVE-2019-12528
https://nvd.nist.gov/vuln/detail/CVE-2020-8517
CVE-2020-8449
CVE-2020-8450
CVE-2019-12528
CVE-2020-8517
ports/244026

f9ada0b5-3d80-11ed-9330-080027f5fec9

squid -- Exposure of sensitive information in cache manager

Mikhail Evdokimov (aka konata) reports:

Due to inconsistent handling of internal URIs Squid is vulnerable to Exposure of Sensitive Information about clients using the proxy. This problem allows a trusted client to directly access cache manager information bypassing the manager ACL protection. The available cache manager information contains records of internal network structure, client credentials, client identity and client traffic behaviour.

Discovery 2022-04-17
Entry 2022-09-26
squid

< 5.7

CVE-2022-41317
https://github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq