FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6954a2b0-bda8-11eb-a04e-641c67a117d8libzmq4 -- Stack overflow

Fang-Pen Lin reports:

A remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.


Discovery 2019-06-27
Entry 2021-05-25
libzmq4
< 4.3.2

CVE-2019-13132
https://github.com/zeromq/libzmq/releases/tag/v4.3.2
https://github.com/zeromq/libzmq/issues/3558
ports/255102