FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
b07bdd3c-0809-11eb-a3a4-0019dbb15b3f | Payara -- path trasversal flaw via either loc/con parameters in Eclipse Mojarra
Payara Releases reports:
The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases:
- CVE-2020-6950 Eclipse Mojarra vulnerable to path trasversal flaw via either loc/con parameters
Discovery 2020-01-13 Entry 2020-10-06 payara
< 5.201
CVE-2020-6950
https://docs.payara.fish/community/docs/5.2020.4/security/security-fix-list.html
|
71c71ce0-0805-11eb-a3a4-0019dbb15b3f | payara -- multiple vulnerabilities
Payara Releases reports:
The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases:
- CVE-2018-14721 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks
- CVE-2018-14720 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct external XML entity (XXE) attacks
- CVE-2018-14719 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code
- CVE-2018-14718 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code
- CVE-2018-14371 Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter
Discovery 2019-02-01 Entry 2020-10-06 payara
< 5.191
CVE-2018-14721
CVE-2018-14720
CVE-2018-14719
CVE-2018-14718
CVE-2018-14371
https://docs.payara.fish/community/docs/5.191/security/security-fix-list.html
|
bd159669-0808-11eb-a3a4-0019dbb15b3f | Payara -- A Polymorphic Typing issue in FasterXML jackson-databind
Payara Releases reports:
The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases:
- CVE-2019-12086 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9
Discovery 2019-05-17 Entry 2020-10-06 payara
< 5.193
CVE-2019-12086
https://docs.payara.fish/community/docs/5.193/security/security-fix-list.html
|