FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c30c3a2e-4fb1-11e4-b275-14dae9d210b8	foreman-proxy SSL verification issue Foreman Security reports: The smart proxy when running in an SSL-secured mode permits incoming API calls to any endpoint without requiring, or performing any verification of an SSL client certificate. This permits any client with access to the API to make requests and perform actions permitting control of Puppet CA, DHCP, DNS etc.) Discovery 2014-05-09 Entry 2014-10-09 foreman-proxy < 1.6.2 CVE-2014-3691 https://groups.google.com/forum/#!topic/foreman-announce/LcjZx25Bl7U

VuXML ID

Description

c30c3a2e-4fb1-11e4-b275-14dae9d210b8

foreman-proxy SSL verification issue

Foreman Security reports:

The smart proxy when running in an SSL-secured mode permits incoming API calls to any endpoint without requiring, or performing any verification of an SSL client certificate. This permits any client with access to the API to make requests and perform actions permitting control of Puppet CA, DHCP, DNS etc.)

Discovery 2014-05-09
Entry 2014-10-09
foreman-proxy

< 1.6.2

CVE-2014-3691
https://groups.google.com/forum/#!topic/foreman-announce/LcjZx25Bl7U