FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 18:22:07 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ae5722a6-f5f0-11ec-856e-d4c9ef517024cURL -- Multiple vulnerabilities

The cURL project reports:

  • CVE-2022-32205: Set-Cookie denial of service
  • CVE-2022-32206: HTTP compression denial of service
  • CVE-2022-32207: Unpreserved file permissions
  • CVE-2022-32208: FTP-KRB bad message verification

Discovery 2022-06-27
Entry 2022-06-27
curl
ge 7.16.4 lt 7.84.0

CVE-2022-32205
CVE-2022-32206
CVE-2022-32207
CVE-2022-32208
https://curl.se/docs/security.html
92a4d881-c6cf-11ec-a06f-d4c9ef517024cURL -- Multiple vulnerabilities

The cURL project reports:

  • OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
  • Credential leak on redirect (CVE-2022-27774)
  • Bad local IPv6 connection reuse (CVE-2022-27775)
  • Auth/cookie leak on redirect (CVE-2022-27776)

Discovery 2022-04-27
Entry 2022-04-28
curl
< 7.83.0

CVE-2022-22576
CVE-2022-27774
CVE-2022-27775
CVE-2022-27776
https://curl.se/docs/vuln-7.82.0.html
11e36890-d28c-11ec-a06f-d4c9ef517024curl -- Multiple vulnerabilities

The curl project reports:

CVE-2022-27778: curl removes wrong file on error

CVE-2022-27779: cookie for trailing dot TLD

CVE-2022-27780: percent-encoded path separator in URL host

CVE-2022-27781: CERTINFO never-ending busy-loop

CVE-2022-27782: TLS and SSH connection too eager reuse

CVE-2022-30115: HSTS bypass via trailing dot


Discovery 2022-05-11
Entry 2022-05-13
curl
< 7.83.1

CVE-2022-27778
CVE-2022-27779
CVE-2022-27780
CVE-2022-27781
CVE-2022-27782
CVE-2022-30115
https://curl.se/docs/security.html