FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b07bdd3c-0809-11eb-a3a4-0019dbb15b3fPayara -- path trasversal flaw via either loc/con parameters in Eclipse Mojarra

Payara Releases reports:

The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases:

  • CVE-2020-6950 Eclipse Mojarra vulnerable to path trasversal flaw via either loc/con parameters

Discovery 2020-01-13
Entry 2020-10-06
payara
< 5.201

CVE-2020-6950
https://docs.payara.fish/community/docs/5.2020.4/security/security-fix-list.html
71c71ce0-0805-11eb-a3a4-0019dbb15b3fpayara -- multiple vulnerabilities

Payara Releases reports:

The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases:

  • CVE-2018-14721 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks
  • CVE-2018-14720 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct external XML entity (XXE) attacks
  • CVE-2018-14719 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code
  • CVE-2018-14718 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code
  • CVE-2018-14371 Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter

Discovery 2019-02-01
Entry 2020-10-06
payara
< 5.191

CVE-2018-14721
CVE-2018-14720
CVE-2018-14719
CVE-2018-14718
CVE-2018-14371
https://docs.payara.fish/community/docs/5.191/security/security-fix-list.html
bd159669-0808-11eb-a3a4-0019dbb15b3fPayara -- A Polymorphic Typing issue in FasterXML jackson-databind

Payara Releases reports:

The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases:

  • CVE-2019-12086 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9

Discovery 2019-05-17
Entry 2020-10-06
payara
< 5.193

CVE-2019-12086
https://docs.payara.fish/community/docs/5.193/security/security-fix-list.html