FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
bd1ab7a5-0e01-11e5-9976-a0f3c100ae18tidy -- heap-buffer-overflow

Geoff McLane reports:

tidy is affected by a write out of bounds when processing malformed html files.

This issue could be abused on server side applications that use php-tidy extension with user input.

The issue was confirmed, analyzed, and fixed by the tidy5 maintainer.


Discovery 2015-06-03
Entry 2015-06-08
Modified 2015-07-15
tidy4
le 20000804_3

tidy-devel
le 090315.c_2

tidy-lib
le 090315.c_2

tidy-html5
lt 4.9.31

https://github.com/htacg/tidy-html5/issues/217
http://seclists.org/oss-sec/2015/q2/633
http://seclists.org/oss-sec/2015/q3/116
CVE-2015-5522
CVE-2015-5523