FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 18:35:25 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
8838abf0-bc47-11ec-b516-0897988a1c07	Asterisk -- multiple vulnerabilities The Asterisk project reports: AST-2022-001 - When using STIR/SHAKEN, its possible to download files that are not certificates. These files could be much larger than what you would expect to download. AST-2022-002 - When using STIR/SHAKEN, its possible to send arbitrary requests like GET to interfaces such as localhost using the Identity header. Discovery 2022-04-14 Entry 2022-04-14 asterisk16 gt 16.15.0 lt 16.25.2 asterisk18 < 18.11.2 CVE-2022-26498 https://downloads.asterisk.org/pub/security/AST-2022-001.html CVE-2022-26499 https://downloads.asterisk.org/pub/security/AST-2022-002.html

VuXML ID

Description

8838abf0-bc47-11ec-b516-0897988a1c07

Asterisk -- multiple vulnerabilities

The Asterisk project reports:

AST-2022-001 - When using STIR/SHAKEN, its possible to download files that are not certificates. These files could be much larger than what you would expect to download.

AST-2022-002 - When using STIR/SHAKEN, its possible to send arbitrary requests like GET to interfaces such as localhost using the Identity header.

Discovery 2022-04-14
Entry 2022-04-14
asterisk16

gt 16.15.0 lt 16.25.2

asterisk18

< 18.11.2

CVE-2022-26498
https://downloads.asterisk.org/pub/security/AST-2022-001.html
CVE-2022-26499
https://downloads.asterisk.org/pub/security/AST-2022-002.html