FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8d65aa3b-31ce-11ec-8c32-a14e8e520dc7mailman -- brute-force vuln on list admin password, and CSRF vuln in releases before 2.1.35

Mark Sapiro reports:

A potential for for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed.

A CSRF attack via the user options page could allow takeover of a users account. This is fixed.

Discovery 2021-10-18
Entry 2021-10-20
lt 2.1.35

lt 2.1.35