FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a5de43ed-bc49-11ec-b516-0897988a1c07Asterisk -- func_odbc: Possible SQL Injection

The Asterisk project reports:

Some databases can use backslashes to escape certain characters, such as backticks. If input is provided to func_odbc which includes backslashes it is possible for func_odbc to construct a broken SQL query and the SQL query to fail.


Discovery 2022-04-14
Entry 2022-04-14
asterisk16
< 16.25.2

asterisk18
< 18.11.2

CVE-2022-26651
https://downloads.asterisk.org/pub/security/AST-2022-003.html
8838abf0-bc47-11ec-b516-0897988a1c07Asterisk -- multiple vulnerabilities

The Asterisk project reports:

AST-2022-001 - When using STIR/SHAKEN, its possible to download files that are not certificates. These files could be much larger than what you would expect to download.

AST-2022-002 - When using STIR/SHAKEN, its possible to send arbitrary requests like GET to interfaces such as localhost using the Identity header.


Discovery 2022-04-14
Entry 2022-04-14
asterisk16
gt 16.15.0 lt 16.25.2

asterisk18
< 18.11.2

CVE-2022-26498
https://downloads.asterisk.org/pub/security/AST-2022-001.html
CVE-2022-26499
https://downloads.asterisk.org/pub/security/AST-2022-002.html
8dd438ed-a338-11ed-b48b-589cfc0f81b0Asterisk -- multiple vulnerabilities

The Asterisk project reports:

AST-2022-007: Remote Crash Vulnerability in H323 channel add on

AST-2022-008: Use after free in res_pjsip_pubsub.c

AST-2022-009: GetConfig AMI Action can read files outside of Asterisk directory


Discovery 2022-12-01
Entry 2023-02-02
asterisk18
< 18.15.1

CVE-2022-37325
CVE-2022-42705
CVE-2022-42706
https://downloads.asterisk.org/pub/security/AST-2022-007.html
https://downloads.asterisk.org/pub/security/AST-2022-008.html
https://downloads.asterisk.org/pub/security/AST-2022-009.html