FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
86224a04-26de-11ea-97f2-001a8c5c04b6	cacti -- multiple vulnerabilities The cacti developers reports: When viewing graphs, some input variables are not properly checked (SQL injection possible). Multiple instances of lib/functions.php are affected by unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module. Discovery 2019-10-12 Entry 2020-01-06 cacti < 1.2.8 https://github.com/Cacti/cacti/releases/tag/release%2F1.2.8 CVE-2019-17357 CVE-2019-17358 ports/242834

VuXML ID

Description

86224a04-26de-11ea-97f2-001a8c5c04b6

cacti -- multiple vulnerabilities

The cacti developers reports:

When viewing graphs, some input variables are not properly checked (SQL injection possible).

Multiple instances of lib/functions.php are affected by unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module.

Discovery 2019-10-12
Entry 2020-01-06
cacti

< 1.2.8

https://github.com/Cacti/cacti/releases/tag/release%2F1.2.8
CVE-2019-17357
CVE-2019-17358
ports/242834