FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c13a8c17-cbeb-11ed-956f-7054d21a9e2a	py39-lmdb -- multiple vulnerabilities TeamSeri0us reports: An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. An issue was discovered in py-lmdb 0.97. For certain values of mp_flags, mdb_page_touch does not properly set up mc->mc_pg[mc->top], leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdb_env_open2 if mdb_env_read_header obtains a zero value for a certain size field. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. Discovery 2019-09-11 Entry 2023-03-26 py39-lmdb < 0.98 CVE-2019-16224 https://osv.dev/vulnerability/PYSEC-2019-236 CVE-2019-16225 https://osv.dev/vulnerability/PYSEC-2019-237 CVE-2019-16226 https://osv.dev/vulnerability/PYSEC-2019-238 CVE-2019-16227 https://osv.dev/vulnerability/PYSEC-2019-239 CVE-2019-16228 https://osv.dev/vulnerability/PYSEC-2019-240

VuXML ID

Description

c13a8c17-cbeb-11ed-956f-7054d21a9e2a

py39-lmdb -- multiple vulnerabilities

TeamSeri0us reports:

An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

An issue was discovered in py-lmdb 0.97. For certain values of mp_flags, mdb_page_touch does not properly set up mc->mc_pg[mc->top], leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdb_env_open2 if mdb_env_read_header obtains a zero value for a certain size field. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

Discovery 2019-09-11
Entry 2023-03-26
py39-lmdb

< 0.98

CVE-2019-16224
https://osv.dev/vulnerability/PYSEC-2019-236
CVE-2019-16225
https://osv.dev/vulnerability/PYSEC-2019-237
CVE-2019-16226
https://osv.dev/vulnerability/PYSEC-2019-238
CVE-2019-16227
https://osv.dev/vulnerability/PYSEC-2019-239
CVE-2019-16228
https://osv.dev/vulnerability/PYSEC-2019-240