FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a3cef1e6-51d8-11eb-9b8d-08002728f74cCairoSVG -- Regular Expression Denial of Service vulnerability

CairoSVG security advisories:

When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service (REDoS).

If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time.


Discovery 2020-12-30
Entry 2021-01-10
py36-cairosvg
py37-cairosvg
py38-cairosvg
py39-cairosvg
ge 2.0.0 lt 2.5.1

https://github.com/Kozea/CairoSVG/security/advisories/GHSA-hq37-853p-g5cf