FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
70e71a24-0151-11ec-bf0c-080027eedc6abouncycastle15 -- bcrypt password checking vulnerability

The Bouncy Castle team reports:

The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.


Discovery 2020-11-02
Entry 2021-08-20
bouncycastle15
ge 1.65 lt 1.67

CVE-2020-28052
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28052