FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a4f8bb03-f52f-11ed-9859-080027083a05curl -- multiple vulnerabilities

Wei Chong Tan, Harry Sintonen, and Hiroki Kurosawa reports:

This update fixes 4 security vulnerabilities:

  • Medium CVE-2023-28319: UAF in SSH sha256 fingerprint check. Reported by Wei Chong Tan on 2023-03-21
  • Low CVE-2023-28320: siglongjmp race condition. Reported by Harry Sintonen on 2023-04-02
  • Low CVE-2023-28321: IDN wildcard match. Reported by Hiroki Kurosawa on 2023-04-17
  • Low CVE-2023-28322: more POST-after-PUT confusion. Reported by Hiroki Kurosawa on 2023-04-19

Discovery 2023-03-21
Entry 2023-05-19
curl
< 8.1.0

CVE-2023-28319
https://curl.se/docs/CVE-2023-28319.html
CVE-2023-28320
https://curl.se/docs/CVE-2023-28320.html
CVE-2023-28321
https://curl.se/docs/CVE-2023-28321.html
CVE-2023-28322
https://curl.se/docs/CVE-2023-28322.html